meta-ads-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs parallel WebFetch crawls of the user's/public website (homepage, about, landing pages) in Phase 4 and also runs WebSearch for policy freshness, and it mandates merging that third‑party page content into business-context.json and using it to derive personas, scores, and recommendations—meaning untrusted public web content is read, interpreted, and can materially influence tool decisions.