research-content-router

Warn

Audited by Snyk on Feb 26, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires "联网检索、引用来源" ("web search, cite sources"), and Stage 1 (Research) mandates collecting conclusions with supporting evidence (links/original quotes/data) and includes components like "Query Builder", "Source Triage" and "Evidence Extractor". Together these indicate the agent will fetch and ingest open/public third‑party web content (blogs, media, papers) that can influence its decisions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Feb 26, 2026, 06:55 AM