conducting-customer-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow (Phase 1: Audit Existing Signal) explicitly requires aggregating and AI-analyzing public, user-generated sources — e.g., "Review site mentions (G2, Capterra, TrustRadius)" and "Community discussions mentioning your product" — which the agent is expected to read and synthesize into hypotheses and downstream actions, exposing it to untrusted third-party content that could carry indirect prompt-injection instructions.