review-intelligence-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Phase 1 ("Scrape Reviews") explicitly instructs running review-site-scraper against public review pages (G2, Capterra, Trustpilot) to ingest user-generated reviews which the agent then analyzes to drive messaging, competitive displacement, and recommended actions — meeting all criteria for exposure to untrusted third‑party content that could inject instructions.