k-mechanic

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill exposes the agent to open web content via the Research command "research.query" (references: Research Commands / research.py in the AFD reference) which performs web searches through Gemini/Google and returns those results for the agent to read, so untrusted third‑party content can be ingested and could carry indirect prompt injections.