research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to "read those files" after "the router passes both research file paths in your prompt" and notes those files come from cc10x:web-researcher (Bright Data + WebSearch) and cc10x:github-researcher (Octocode) — i.e., untrusted public web and GitHub content is ingested and used to drive synthesis and recommendations, which could carry indirect prompt-injection risks.