ralph-multimodel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly routes "Research" and "Megacontext" phases to Gemini (e.g., "Research React dashboard best practices (Gemini)" and "Gemini (search/megacontext)"), which implies it will perform web searches and ingest public third‑party content (documentation, articles, forums) as part of its workflow, exposing the agent to untrusted external input that could enable indirect prompt injection.