proposal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (Step 2 and Step 3) explicitly directs the agent to fetch and ingest third-party web content and resources—e.g., using Octave MCP tools like enrich_company/enrich_person, list_resources/search_resources (uploaded docs, URLs, Google Drive files), and browser-based brand extraction/WebFetch—to read company websites and external docs and then use that content to shape proposal text and actions.