solution-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's research-agent explicitly performs WebSearch and ingests external case studies and public sources (see agents/research-agent.md "WebSearch Directives" and its "Case Studies" output including "Source: [URL or search query]" and examples like site:reddit.com), and that research is required by the orchestrator and used to validate root causes and drive downstream initiatives/ICE scoring, so untrusted third‑party content can directly influence agent decisions.