github-deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires performing web_search and using web_fetch on open/public URLs in Round 2/3 (see "Round 3
• Deep Investigation (5-10 web_search + web_fetch)" and "Source Prioritization" which lists Reddit/HN/social media) and mandates extracting and citing those URLs, so the agent will ingest untrusted, user-generated third-party content that can materially influence its analysis and subsequent actions.