product-thinker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to perform "Browser exploration" and "competitor research (exploring external sites)" to walk live products and external pages and to use those findings to ground recommendations, meaning the agent will fetch and interpret untrusted third‑party web content as part of its workflow.