client-deliverables

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs using data sources like google_reviews, business_profile (Google Business Profile/GBP) and geogrid/competitor scans in the SKILL.md to ingest public, user-generated reviews and listings which the agent must read and interpret to produce recommendations, so untrusted third‑party content can materially influence actions.