ai-marketing-skills-tom-babb
Warn
Audited by Snyk on Jun 13, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). The “Knowledge Scrape to Content Workflow” explicitly scrapes outsider-authored free text from public sources (e.g., Reddit submissions’ selftext and comments, plus YouTube comments/forums) at runtime and then instructs the LLM to synthesize it into a content brief by pasting the scraped pain points into the prompt.
MEDIUM W009: Direct money access capability detected (payment gateways, crypto, banking).
- Direct money access detected (high risk: 1.00). The skill collection explicitly includes paid-advertising workflows and names integrations that can modify ad accounts: "Paid Advertising: Google Ads campaign generation workflows", "Google Ads API: Campaign management", and "Pipeboard: Direct integration to ad platforms". These are specific tools for managing ad campaigns and ad spend (including budgets), which constitutes direct financial execution authority per the policy (managing ad spend/budgets via APIs).
Issues (2)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
W009
MEDIUM Direct money access capability detected (payment gateways, crypto, banking).