orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Research templates and routing explicitly require ingesting public third-party content — e.g., "Research Template A/B/C" and "Competitor Website Analysis" which call out web search, Playwright MCP, Firecrawl scraping, forums, reviews, and competitor websites — so the agent will fetch and read untrusted user-generated/public web content that can influence decisions.