AnnualReports

Warn

Audited by Snyk on Mar 17, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill fetches and parses open/public third‑party content (the upstream README from https://raw.githubusercontent.com/... in Tools/UpdateSources.ts and arbitrary report pages/URLs fetched by Tools/FetchReport.ts via fetchReportPage), treats that untrusted/web‑hosted content as input to parsing, summarization, and source updates, and then uses those results to drive analysis and tool actions—exposing the agent to potential indirect prompt injection.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 17, 2026, 12:19 PM
Issues: 1