setup-company

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly tells the agent to "visit" and "research" user-provided website URLs/docs (see "Step 2: Gather Information" and "Instructions" points 2 — e.g., "If they give you a website URL, visit it and draft..."), which means it will fetch and interpret untrusted public third-party content that can influence its outputs and actions.