geo-audit-report

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill mandates running the Bright Data collector and downloading snapshots (see SKILL.md and scripts/brightdata-geo.py's download_snapshot/raw snapshot handling and to_sources/to_search_results logic), which ingest citations, search_sources, and web_search_query data drawn from public websites, UGC (e.g., Reddit/Quora), and YouTube — content the agent reads and uses to drive analysis and recommendations, so untrusted third-party content can materially influence its actions.