datapack-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly requires accessing and extracting from "web search for public filings" and citing "URLs" (Phase 1 Step 1.1 and the citation/normalization sections), meaning the agent fetches and reads open public web content that is then used to drive data normalization, calculations, and modeling.