geo-citability

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Analysis Procedure explicitly instructs the agent to "Use WebFetch to retrieve the target URL" and then parse and score arbitrary web page content as part of its workflow, so it ingests untrusted public web pages whose text can directly influence scoring, rewrite suggestions, and subsequent actions (SKILL.md Step 1 and the subsequent segmentation/scoring steps).

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 1.00). The skill explicitly calls "Use WebFetch to retrieve the target URL" at runtime, meaning a user-supplied target URL (the WebFetch target URL) is fetched and its page content is injected into the agent context and used to drive analysis and rewrite suggestions, so the fetched external content directly controls the agent's prompts and is a required dependency.