customer-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Mode 2 workflow and its references/source-guides.md explicitly instruct the agent to gather and read user-generated content from open public sites (e.g., Reddit, G2/Capterra, Hacker News, YouTube comments, LinkedIn, app stores), meaning the agent will fetch and interpret untrusted third-party content that can influence research conclusions and subsequent actions.