multi-model-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's external orchestrator (scripts/research.py) fetches and reads JSON responses from Perplexity (which grounds answers to the open web) and Grok 4.1 (which ingests developer sentiment from X/Twitter), meaning the agent consumes untrusted, user-generated third-party content as part of its workflow.