company-domain-finder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required pipeline (Stage 1 DISCOVER and Stage 3 VERIFY) explicitly uses web_search/web_fetch/Playwright and looks up external sites such as Wikipedia and country registries to fetch and parse public webpages/homepage content (e.g., "Fetch the homepage", "Wikipedia check", references/country-registries.md), so the agent ingests untrusted third-party web content that can materially influence decisions about the official domain.