seatmaps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's SKILL.md explicitly instructs the agent-browser to navigate and scrape public websites (SeatMaps.com and AeroLOPA) to extract seat maps, user reviews, and structured data which the agent then interprets to make seating recommendations, exposing it to untrusted third-party content that could carry indirect prompt injection.