aeo-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md process explicitly instructs the agent to "Analyze how the brand appears in AI responses for each query type" and to "Check citation accuracy" and "Assess source authority" (Process steps 3–6), which requires fetching and interpreting untrusted public AI outputs and their linked web sources, so third-party content can directly influence the agent's analysis and actions.