competitor-pr-finder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests open web content from arbitrary product URLs (Step 3: Firecrawl or Tavily extract in SKILL.md) and from Tavily search results (scripts/research.py and Steps 4b/6/8), and the agent is required to read and act on those snippets/URLs to pick competitors, tier channels, lookup journalists, and generate outreach—so untrusted third-party content can materially influence behavior.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill requires runtime calls to Tavily (e.g., https://api.tavily.com/search and https://api.tavily.com/extract) and injects the returned search/extract content into the agent's context (used as evidence for competitor/channel/journalist extraction and pitch generation), so these external URLs directly control prompts and are a required dependency (TAVILY_API_KEY is mandatory).