research-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly uses Perplexity for web research and Firecrawl's scrape command (e.g., --url "https://...") to fetch and ingest arbitrary public web pages, so the agent will read and interpret untrusted third‑party content from the open web.