research-executor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly uses WebSearch and WebFetch / mcp__web_reader__webReader to retrieve and extract content from arbitrary public URLs and sites (e.g., Reddit, public websites, GitHub, arXiv, vendor blogs), and those fetched, untrusted third-party sources are read and interpreted by the multi-agent research workflow.