research-web

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md) launches parallel web-researcher agents (vibe-extras:web-researcher) that fetch and ingest open/public third-party content — explicitly citing sources like Reddit, Hacker News, Twitter and arbitrary web pages in the wave prompts and collection phases — and then uses those findings to drive follow-up waves, decisions, and synthesized actions, which allows untrusted user-generated content to influence agent behavior.