geo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and crawls public websites (Phase 1: "Use WebFetch to retrieve the homepage" and sitemap/internal link crawling) and Subagent 2 checks third‑party platforms like YouTube, Reddit, Wikipedia, and LinkedIn, ingesting untrusted user-generated content that is then used to compute scores and drive recommendations, which could enable indirect prompt injection.