seo-maps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests untrusted public content — e.g., "Fetch Google reviews via DataForSEO Reviews API" and "Fetch Tripadvisor and Trustpilot reviews", WebFetch calls like "https://www.bing.com/maps?q=BUSINESS+NAME+LOCATION", and Overpass/Nominatim queries — and the agent is required to read and act on that content as part of workflows (geo-grid ranking, review-fraud detection, GBP audits), so third-party instructions or user-generated content could materially influence behavior.