FinanceReport

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directly calls Perplexity MCP (mcp__perplexity__search and mcp__perplexity__reason) in the FullResearchWorkflow / GenerateSingleReport / RegenerateBatch workflows to fetch market research, analyst ratings, catalysts and risks from public web sources, and those external results are consumed and used to drive recommendations and follow-up actions (ratings, sizing, report generation), exposing the agent to untrusted third‑party content that could carry indirect prompt injection.