geo-schema

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 1: "Fetch the target page HTML using curl or WebFetch" in SKILL.md) instructs the agent to retrieve and parse HTML/JSON-LD from arbitrary public web pages and uses that content to drive validation, scoring, and generated schema output, so untrusted third-party page content can materially influence tool decisions.