deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires systematic searches and ingestion of public third‑party sources (see SKILL.md Phase 2 and agents/bibliography_agent.md: "DATABASES", record results per database; agents/source_verification_agent.md: DOI + WebSearch spot-check and Retraction Watch; agents/monitoring_agent.md: Google Scholar, PubMed, arXiv, RSS, Retraction Watch), so untrusted web/social/third‑party content is read and used to drive inclusion, verification, synthesis, and downstream actions.