deep-article-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches arbitrary public article URLs via agent-browser or WebFetch (see SKILL.md "Step 1: Fetch Article Content") and then ingests that untrusted web content into the LLM argument-extraction and Gemini deep-research workflow (scripts/gemini_deep_research.py and prompts/deep-verification-prompt.md), so third-party pages can materially influence the agent's analysis and actions and enable indirect prompt injection.