Copilot Research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Data Gathering and Error Handling sections explicitly require performing web searches and using public sources (company news, funding, leadership changes) as inputs for the brief, so untrusted third-party content from the open web is ingested and used to drive talking points, risks, and next actions.