seo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). Yes — SKILL.md explicitly instructs the agent to fetch the homepage (via scripts/fetch_page.py) and crawl up to 500 public website pages and then use that page content to detect business type, spawn subagents, and generate recommendations, so untrusted third‑party web content can directly influence agent decisions.