deep-dive-research-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's agents (e.g., .claude/agents/competitive-analyst.md and research-orchestrator.md) explicitly require WebSearch/WebFetch of public sites (Crunchbase, LinkedIn, G2/Capterra/Trustpilot, SimilarWeb/Ahrefs/Semrush, GitHub, Meta Ads Library, Twitter/X, etc.), ingesting untrusted user-generated web content as a mandatory part of the workflow that directly influences metrics, strategies, and predicted actions.