doctorg

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill issues WebSearch and full-text extraction against the open web — in particular the "Full" depth step that runs an unfiltered WebSearch for "contrarian" views and uses firecrawl-research on expert primary sources (e.g., blog posts, podcast transcripts) — which clearly ingests arbitrary public/user-generated third‑party content that the agent reads and synthesizes.