hypothesis-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The "Conduct Comprehensive Literature Search" step explicitly directs the agent to use WebFetch on PubMed URLs and "WebSearch" / general web search to retrieve recent papers, preprints, and reviews, meaning the agent will fetch and read open/public web content (including uncurated preprints and arbitrary sites) as part of its workflow and thus is exposed to untrusted third-party content that could carry indirect prompt injection.