yao-business-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow and source foundation explicitly instruct the agent to "gather evidence by tier" and consume public evidence items (see evidence_items.source_url entries in reports/hubspot-formal-input.json such as https://ir.hubspot.com/... and https://www.hubspot.com/...), so it ingests open/public third‑party webpages and uses that content to drive analysis and actions.