general-info-gathering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs collecting and ingesting open/public third-party content (e.g., Phase 3 "情報収集" with URL-based source records and the Method Catalog sections 5.1 OSINT, 5.2 Webアーカイブ, and Google高度検索) including social media/web pages whose content the agent is expected to read, evaluate (CRAAP/SIFT) and use to drive findings and recommendations, which creates exposure to untrusted user-generated content that could carry indirect prompt-injection instructions.