Investigation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's mandatory workflows (e.g., CompanyDueDiligence.md, CompanyLookup.md, DomainLookup.md and DiscoverOSINTSources.md) explicitly instruct researcher subagents to fetch and analyze public third‑party sources such as OpenCorporates, LinkedIn, Crunchbase, crt.sh, VirusTotal, GitHub and social media (reddit/OSINT subreddit), so untrusted user-generated web content is ingested and can directly influence decisions and subsequent tool actions.