cro-methodology

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow repeatedly instructs the agent/user to gather and interpret open/public user-generated sources—e.g., "reviews, social media, competitor analysis" (Customer Research & Objections, RESEARCH.md, OBJECTIONS.md) including "Reddit, Twitter threads"—and use those findings to drive hypotheses, tests, and next actions, which exposes the agent to untrusted third‑party content that can materially influence behavior.