background-researcher-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 "Information Gathering" explicitly instructs the agent to use public web sources (e.g., GitHub repositories, Stack Overflow, technical blogs and conference talks) that are untrusted/user-generated and will be read and synthesized into recommendations and actions, which can allow indirect prompt injection.