supplier-risk-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md "Tools & Libraries" section explicitly lists 'requests' and 'beautifulsoup4' for web scraping/news monitoring, and the Risk Monitoring & Early Warning workflow uses external KRIs (news, political events, cyber attacks) that the agent would ingest and act on, meaning it consumes untrusted public web/news content that can influence decisions.