conversion-audit
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's required "Step 1: Fetch & Parse" explicitly instructs the agent to fetch a user-provided URL and extract the full rendered page content (text, CTAs, testimonials, etc.). These are open, public third-party pages, and their content is read and used to drive the audit's decisions, which enables indirect prompt injection via the page content.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's runtime Step 1 explicitly fetches the user-provided landing page URL (the user-supplied [url]) and injects the page's rendered content into the model context to produce the audit, so arbitrary external pages can directly control the agent's prompts and outputs.
Audit Metadata