geo-brand-mentions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly instructs the agent to fetch and scrape open/public third‑party sources (e.g., WebFetch and site searches for YouTube, Reddit, Wikipedia via the Python/Wikidata API, LinkedIn, Quora, StackOverflow, GitHub, news sites) and to interpret those user‑generated mentions to compute scores and drive recommendations, which clearly exposes the agent to untrusted third‑party content that could supply indirect instructions.