analyst-common

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires directly calling mcp_websearch_web_search_exa and copying "original_text" from public web search results and cross-checking with at least three third‑party sites (see "웹검색 도구 직접 호출 필수", "원문 인용 규칙", and the Allowlist listing TradingEconomics, Yahoo Finance, Reuters, etc.), so the agent will ingest and act on open/public third‑party content that could contain malicious or instructional payloads.