general-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs WebSearch/WebFetch and ingests open web sources—including user-generated/community content like StackOverflow, Reddit, and GitHub issues (see "Phase 3: Research" and the research strategies/source-evaluation sections)—and instructs the agent to read, extract, and cross-reference that third-party content as part of its workflow, which exposes it to untrusted indirect prompt injection risk.