initiating-coverage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and ingest public third‑party content (e.g., SEC EDGAR 10‑Ks in references/task2-financial-modeling.md; company websites, LinkedIn and news in references/task1-company-research.md; and Yahoo Finance / Bloomberg market data in Task 4), and that external content is required and used to build models, valuations, charts and next actions—so it exposes the agent to untrusted public content that can materially influence behavior.