research-documentation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Conduct Research" instructions and examples (e.g., "search for relevant information", "find credible sources", and citing public sources like the Stack Overflow Developer Survey and McKinsey) require the agent to fetch and read public/web and user-generated content as part of its workflow, which exposes it to potential indirect prompt injection.