seo-backlink-audit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md explicitly requires pulling backlink and page data from Ahrefs ("Pull from Ahrefs" and Workflow step 2: "Pull baseline data"), which represents open/public third‑party webpages (referring pages, comments, forums, etc.) that the agent must read and interpret to build toxic/disavow and reclamation lists and to decide outreach/disavow actions—so untrusted external content can materially influence decisions and tool use.