icp-website-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's main workflow (Phase 2 and Phase 3 in SKILL.md) explicitly instructs the agent to crawl and fetch public websites (client and competitor sites) and check external presence like search results, review sites, and social proof, and the Dependencies list a web search and web fetch capability—so the agent will ingest untrusted, user-generated/open-web content that directly influences scoring, comparisons, and recommendations.