Agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs live web and social-media ingestion (e.g., CodexResearcherContext: "Live Web Search" and codex exec --sandbox danger-full-access; ClaudeResearcherContext: "Claude's WebSearch"; GrokResearcherContext: "Real-time X/Twitter access"; and QATesterContext: browser navigation to arbitrary URLs), so the agent fetches and is expected to read untrusted public third‑party content.