run-seo-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflows and tool sequences (SKILL.md and the references/workflows/* files) explicitly call tools that fetch and ingest public third‑party content — e.g., analyze-serp (search results), audit-site (site crawls), analyze-business (public reviews/listings), analyze-app (app store data) and analyze-ai-presence (including llm_response) — and instruct the agent to read/interpret those results and follow tool-supplied nextSteps, so untrusted external content can materially influence subsequent tool use and decisions.