computer-scientist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Phase 1 "Field Survey" and its "1.2 Sources to Scan" explicitly require scanning and extracting findings from public third‑party sources (benchmark leaderboards, recent papers, competitor blogs/reports, workshop open-problem lists), so the agent will ingest untrusted user-generated/public content that can materially influence commissioning and next actions.