ads-competitors

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to fetch and scrape public third‑party sites and ad libraries (Execution Flow steps 1–4: "Fetch the target business website" via WebFetch, identify competitors via web search, "Fetch each competitor's website", and "Search for competitor ads" using Meta Ad Library and Google Ads Transparency Center), so it ingests untrusted external content that can materially influence analysis and subsequent actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly ALWAYS fetches a user-supplied target business website at runtime via WebFetch (the user-provided target URL, e.g., https://[target-business-url]) and uses that page content to drive the agent's analysis and output, meaning arbitrary external content can directly influence/drive prompts.