deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core workflows (e.g., scripts/company-gatherers.ts and the various web-researcher scripts called throughout SKILL.md) call WebResearcher.performResearch and link-collector/source-verifier to fetch and ingest content from public domains listed in assets/config/research-sources.json (including user-generated sources like Glassdoor, forums, social media and news sites), and that fetched third‑party content is parsed and used to produce findings and recommendations that drive subsequent actions — creating a clear vector for indirect prompt injection.