research-lookup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill issues live queries to OpenRouter/Perplexity Sonar and ingests their search_results and cited URLs (see research_lookup.py/_extract_api_citations and lookup.py formatting of sources), so it clearly fetches and interprets open/public third‑party web content (academic papers, URLs, snippets) which can materially influence subsequent outputs and tool behavior.