conversion-tracking

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly runs tag diagnostics and inspects sites (see validateConversionTracking() and the "Tag not detected on website" checks) and monitors Google Ads tag diagnostics / customer websites for tag presence, meaning the agent fetches and interprets third‑party/public website content which can directly change decisions (e.g., pausing optimizations), so it exposes the agent to untrusted external content that could enable indirect prompt injection.