premium-hotels

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Data Sources section explicitly instructs refreshing data by re-pulling public Google My Maps KML URLs (https://www.google.com/maps/d/kml?mid=...), so the agent would fetch and ingest user-maintained, third‑party map data that can change property lists and thus influence search/booking decisions.