watchlist

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill's required workflow (Step 6: "Define downstream workflow" and related steps) explicitly directs the agent to run downstream skills that ingest public/untrusted content—e.g., "Run news-intel to gather catalyst and risk context", "Run market-screen", and "Run stock-data"—which means the agent will read/interpret third-party news/market content that can materially influence subsequent tool use and decisions.