foundation-doc-sop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs running an OpenAI "Deep Research" prompt and to mine/analyze public user-generated sources (e.g., "mine Amazon reviews," "analyze competitor ad comments," and "forum posts") as part of the Research Doc that is attached to downstream copy sessions, meaning the agent will fetch and interpret untrusted third‑party content that can influence its actions.