blog-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly instructs research via the "web-search-researcher" agent and requires 5+ external citations / records _internal.sources (aeo-requirements.md and templates), so the agent will fetch and ingest open/public third-party web content (news, papers, docs) that may be untrusted or user-generated and read as part of its workflow.