serp-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly retrieves and ingests live SERP content from third-party services ("retrieve the current SERP layout via Moz and Google Search Console MCPs") and records/displayed content such as AI Overview summaries and snippet text, which are untrusted public web content that the agent reads and uses to drive analysis and actions.