google-ads-rsas

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly pulls user-generated search queries via the search tool on google-ads-mcp (see the search_term_view GAQL query) and also accepts a "Search terms report" in export mode, and it requires extracting buyer language from those external search terms to drive RSA drafting—so untrusted third‑party content directly influences decisions and outputs.