09-customer-insight-global

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (see "Sources for Capturing Internal Monologue" and the Quality Checklist requiring internal monologue be grounded in real sources) explicitly instructs the agent to read user-generated third-party content such as competitor post comments, Google/Trustpilot/Amazon reviews, Reddit/Discord/forum threads and DMs, which the agent would need to ingest and interpret to produce insights, creating a clear avenue for indirect prompt injection.