plausible

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to query Plausible's public APIs (e.g., https://plausible.io/api/v2/query and the Sites API) and to read dimensions like visit:referrer and visit:utm_campaign (untrusted, user-provided data), which the agent is expected to ingest and could materially influence analysis or follow-up actions (e.g., creating goals or shared links).