geo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and analyzes live public web content as part of its required workflow (e.g., SKILL.md Phase 1.2/1.5 instructs fetching the homepage, robots.txt, sitemap and up to 10 pages, and references/agents/geo-brand.md and others explicitly fetch third‑party sites like Wikipedia, Reddit, LinkedIn, Crunchbase, YouTube), so untrusted user-generated content is ingested and can materially influence scoring and recommendations.