brainstorm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md's mandatory "Research-first Mode" (e.g., "quick market/OSS research" and "Identify 2–4 comparable tools/patterns" / "What similar tools do" in the Research Notes) requires fetching and summarizing public/open-source third‑party content, which is untrusted user-generated material the agent must read and which can materially influence its decisions and next actions.