signals-scout-web-analytics

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow ingests outsider-authored free text from the sessions/events acquisition stream—specifically browser-supplied $entry_referring_domain, $entry_utm_* values, and $entry_pathname/$entry_hostname (and event $pathname/properties)—which are then read into the agent’s context via the SQL result rows used for analysis and memory/emit text.