paw-ps-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and crawl public third-party sources (see "Public Web Research (MCP Tools)" in SKILL.md and the references like references/demand-signals.md and references/competitor-analysis.md which call out Exa searches of Reddit, G2/Capterra, Google Trends, Product Hunt, company pages, etc.), ingest that untrusted/user-generated content as part of research, and then use those findings to drive recommendations and next actions—creating a clear path for indirect prompt injection.