local-places

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly runs nimble searches, agent runs, and nimble extract against public sites (e.g., Google Maps, Yelp, Facebook/Instagram and arbitrary URLs) and ingests user-generated reviews and social/profile content which the agent parses and uses to deduplicate, score, and drive follow-up actions, so untrusted third-party pages can materially influence behavior.