geo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill fetches and parses arbitrary public websites (homepage, robots.txt, llms.txt, sitemap and up to 50 pages) as part of its required audit flow—see SKILL.md Phase 1 and scripts/fetch_page.py (fetch_page, fetch_robots, fetch_llms_txt, crawl_sitemap)—and then reads and uses that untrusted third-party content to generate recommendations and auto‑fix files that can change behavior, so it clearly exposes the agent to indirect prompt injection risk.