vibe-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Step 4 explicitly instructs the agent to "Use WebSearch to gather current information" from the open web (competitors, technical docs, market sites, etc.), which the agent must read and interpret to generate research findings and recommendations saved to docs/research-[AppName].txt, exposing it to untrusted third‑party content that can influence actions.