concept-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly crawls and ingests public web content via /concept:research and scripts/web_researcher.py (see commands/concept.research.md and commands/concept.drilldown.md), stores artifacts (WR-xxx.md) containing and then instructs agents (domain-researcher, gap-analyst, document-writer) to read and act on that content to generate research findings and solution approaches, so untrusted third‑party content can materially influence agent actions despite sanitization steps.