web-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly spawns research subagents that use the web_search tool (Tavily) and fetch_url to gather web pages and source URLs from the open web, and the agent is instructed to read and synthesize those external findings—exposing it to untrusted, user-generated third-party content.