research-digest

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the agent to gather and synthesize content from open/public third‑party sources — e.g., "RSS feeds", "web search", and "Social/community — Reddit, Twitter/X, LinkedIn" in the Source Collection section — so the agent ingests untrusted, user‑generated material that can influence its decisions and outputs, creating a clear indirect prompt‑injection risk.