customer-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and processes public review-site and community content (e.g., "G2 reviews, Reddit threads, Stack Overflow discussions") and in Step 1 Mode C and the "Mine" workflow it offers to use web_search/web_fetch to retrieve additional web-based reviews or discussions, meaning the agent will fetch and interpret untrusted third‑party content as part of its core workflow.