landing-page-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to "Research competitor landing pages" using belt app runs such as tavily/search-assistant and references inference-sh/skills@web-search and exa/answer, which fetch and ingest public third‑party web content that the agent will read and use to drive design decisions—exposing it to untrusted external content that could carry indirect prompt injection.