codex-deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md workflow explicitly requires browsing public sources (e.g., "3. Browse by default" and "3. Run an initial web sweep" in references/workflow.md), which directs the agent to fetch and interpret open/public third‑party content that can influence research conclusions and subsequent actions.