ai-agent-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The ResearchAgent is explicitly configured with searchTool and webScrapeTool (agents/specialists.ts) and the Agent base invokes configured tools, meaning the system will fetch and ingest open web/public content (untrusted/user-generated) for agents to read and act on, exposing it to indirect prompt injection.