content-brief-authoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires pulling and analyzing open web search results ("Pull the SERP top 10 for the target keyword" in "Entity discovery workflow" / references/entity-coverage-checklist.md) and instructs the agent to extract entities from those public pages to drive briefing decisions, so it ingests untrusted third-party content that can materially influence subsequent actions.