pm-feedback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires automated data ingestion from public, user-generated sources (see "Collection Strategy" and "Data Ingestion" referencing social media, Reddit, forums, review sites and competitive channels), which the agent is expected to read and synthesize into decisions—meeting all criteria for exposure to untrusted third-party content.