company-deep-dive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly fetches and ingests open web content (e.g., SKILL.md Step 4 "Deep Extraction" using nimble extract --url "https://..." and the dimension-agent searches in references/dimension-agent-prompt.md that include social/review domains like x.com, linkedin.com, g2.com, capterra.com), and that untrusted/user-generated content is parsed and used to drive agent decisions, corroboration steps, and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly runs runtime extractions of arbitrary external pages with commands like nimble extract --url "https://..." --format markdown, and those fetched pages are injected into the agent's context to drive the synthesized report, so external URLs fetched at runtime can directly control model output.