exa-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly fetches open web search results via mcp__Exa__web_search_exa (Step 2) and stores/summarizes that third‑party content into exa-digest.md which the morning briefing loop then reads and acts on (Step 4 / "Integration with Morning Briefing"), so untrusted web content can materially influence agent behavior.