data-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly ingests public third-party web content in "Phase 2: Search Sources" (web via search: public filings, press releases, regulatory data) and then reads/parses those saved raw sources with deterministic extraction and LLM fallbacks (Phase 4/5), so untrusted third-party pages can influence extraction results and subsequent tracker updates.