which-tool

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "research" workflow explicitly instructs the agent to perform web searches and check public third-party sources (e.g., GitHub, Hacker News, Reddit, AlternateTo, curated lists) and to evaluate candidates based on those findings, so the agent would fetch and interpret untrusted, user-generated open-web content as part of its workflow.