geo-fix-schema

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly fetches and analyzes user-supplied public URLs (see "Phase 1.2 Fetch and Analyze Pages" and the "Security: Untrusted Content Handling" section) and then uses that extracted page content to drive schema extraction, scoring, and JSON-LD generation, so untrusted third‑party page content can materially influence the agent's actions.