research-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly requires using a web-search/WebSearch tool and shows run-search examples (Phase 2 Execution: "web-search 'AI in healthcare overview 2024'") and references public/user-generated sources like Stack Overflow and blogs, meaning the agent will fetch and read untrusted third-party web content as part of its workflow.