archon

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to crawl and index arbitrary public websites (POST /api/knowledge-items/crawl) and to list/search external knowledge items (/api/knowledge-items, /api/knowledge-items/search) and then read and act on those results in its Search-First and indexing workflows, meaning untrusted third‑party web content can directly influence tool use and decisions.