agency-onboard

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and parse open/public webpages (Phase 1 "Fetch the target URL" via WebFetch) and to run WebSearch/WebFetch on external review pages and site resources in multiple subagents (Marketing STEP 1, Reputation STEP 1–2, GEO/SEO STEP 1–2, Legal STEP 1–2, Sales STEP 1–2), meaning it ingests untrusted third‑party content that the agent will read and use to drive scores, recommendations, and actions.