brand-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow instructs agents to perform web searches and include external URLs for "source citation" and to accept user-provided visual references/URLs in the Pre-Dispatch (e.g., "Source citation: ... Web search → include URL" and "aesthetic intuition — 3 visual references (URLs, brand names, moodboard hints)"), so the agent is explicitly expected to ingest and act on untrusted third‑party web content that can influence decisions.