optise-helix-aeo-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires using web search/web_fetch and a 4-step web search protocol to verify competitor relationships and auto-verify URLs (see Section 0 — Operating Principles: "Web search and web fetch ARE available" and "Auto-verify URLs via web_fetch" plus the "Verify competitor relationships via the 4-step search protocol" rule), so it fetches and interprets open/public web content that can change workflow decisions (HARD STOP rules) and therefore exposes the agent to untrusted third-party content.