competitor-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required runtime workflow runs scripts/gate_candidates.mjs, which uses browse cloud fetch --allow-redirects --format raw to ingest each outsider candidate homepage’s HTML (including <title> and visible hero text) into the agent’s LLM context for classification (PASS/REJECT/UNKNOWN), creating an indirect prompt-injection exposure path from arbitrary third-party web content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches external webpages at runtime via the Browserbase CLI (e.g., using browse cloud fetch --allow-redirects --format raw to retrieve competitor pages such as https://rivalco.com/pricing) and injects that fetched page content into the gating/enrichment subagents and their prompts, so those external sites are required runtime inputs that directly influence model instructions and outputs.