research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's mandatory research steps (notably Step 3 "Conduct Research + Capture Evidence" and the evidence-citation rules) explicitly require web searches and ingesting external URLs/third-party sources (official docs, GitHub issues/PRs, blog posts, etc.), so the agent will read untrusted public content that can materially influence its findings and next actions.