gsp-brand-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs in Step 2 to "use WebFetch" for any URLs provided in the BRIEF.md or newly supplied by the user, meaning the agent will fetch and ingest arbitrary third‑party web content (open/public URLs) which will be read and used to drive audit decisions.