keyword-wedge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs agents to fetch and interpret third-party web data — notably Phase 5's browser automation against Google Keyword Planner (references/data-source-guide.md / SKILL.md) and Phase 4's calls to external Search Console/PostHog APIs — and uses those external results to drive analysis and next actions, so untrusted public content can materially influence the agent's decisions.