academic-deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's mandated Phase 3 workflow (README.md, SKILL.md, and reference/protocol.md) explicitly requires running web_search and web_fetch against public websites (e.g., TechCrunch, GitHub Copilot docs) so the agent ingests untrusted third‑party web content that can materially influence its analysis and actions.