codebase-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The deep_research.sh workflow explicitly tells the agent "You have access to all tools. Decide the best research strategy and execute it" and the integration docs (references/claude_code_integration.md) list WebFetch/WebSearch as available tools, so the agent can fetch and interpret arbitrary public web content as part of its research, enabling indirect prompt injection from untrusted third-party pages.