cy-idea-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required "Discover context" phase (Workflow step 3) explicitly spawns an Agent tool call to perform 3–7 web searches and merge web research findings—i.e., it fetches and ingests open/public third-party web content (competitors, market data) which the agent must read and which directly informs decisions and outputs—creating a clear avenue for indirect prompt injection.