competitive-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 2 — the "Sub-agent instruction" template) explicitly directs sub-agents to use Playwright MCP to navigate and snapshot arbitrary competitor URLs (e.g., homepage, /pricing, /features, /about, /careers) and to run WebSearch queries for reviews, meaning the agent will fetch and interpret untrusted public web and user-generated content that can influence its extracted JSON, scoring, and follow-on actions.