researcher-hand-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required agent workflow (Phase 3 — Information Gathering in the system_prompt) explicitly calls web_search and web_fetch to collect and deeply read public web sources (e.g., GitHub, Stack Overflow, arXiv, news sites) and uses those extracted claims to drive synthesis, scoring, and auto-follow-up actions, so untrusted third‑party content can directly influence decisions and subsequent tool use.