research-analyst-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The workflow's "并行研究（研究员执行）" step explicitly instructs researchers to call external search tools ("必要时调用搜索工具（WebSearch / MCP PubMed / metaso 等）") so the agent will fetch and read public third‑party web content and use it to generate and influence research reports.