ad-creative

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly ingests and analyzes third-party performance data ("When the user provides performance data (CSV, paste, or API output)"), and also instructs pulling reports from external ad platforms (e.g., node tools/clis/google-ads.js reports get, meta-ads insights get), which are untrusted/user-generated inputs that the agent must read and use to drive generation and upload actions.