seo-drift

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). In URL mode, the runtime uses Claude’s WebFetch (and optionally Firecrawl) to fetch the user-supplied target URL’s page HTML/body text and <head>/JSON-LD, which is outsider-authored free text from an arbitrary external website that is ingested into the agent’s LLM context for fingerprinting/diff.