hypogenic

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill ingests and processes public third‑party content—e.g., cloning public GitHub datasets, loading user-provided research PDFs from literature/.../raw/ (processed via GROBID), and explicitly using social media posts as dataset inputs—which the agent reads and interprets for hypothesis generation, exposing it to untrusted, user-generated content that could enable indirect prompt injection.