ads-strategy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly uses WebFetch to retrieve the user-provided homepage (Phase 1 Step 1) and WebSearch/WebFetch to gather competitor pages and public sources (Phase 1 Step 3 and Agent 4 referencing Meta Ad Library / Google Ads Transparency Center), so it ingests untrusted public web content that the agents must interpret and which directly drives decisions and tool actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly uses WebFetch at runtime to retrieve the user-provided business homepage URL (the target URL supplied to /ads strategy) and injects the extracted content verbatim into the context package passed to all subagents, meaning external page content directly controls agent prompts.