startup-competitive-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Workflow and Lightweight CI Monitoring explicitly require fetching and tracking public web sources (Workflow step 2 "Collect evidence" and "Lightweight CI Monitoring" / data/sources.json) — e.g., pricing pages, changelogs, job postings, and review sites — which the agent is expected to read and use to make match/ignore/bet decisions, exposing it to untrusted third-party content.