site-content-catalog

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md and scripts/catalog_content.py explicitly fetch and parse arbitrary public websites (sitemap.xml, robots.txt, RSS/Atom feeds, blog index pages, and an Apify fallback) and optionally deep-read top N pages, using that untrusted page content to classify pages, assign topic clusters, and determine funnel-stage/deep-analysis results—behavior that lets third‑party pages materially influence decisions.