deepresearch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to use the cursor-ide-browser to navigate, scrape, archive, and verify public web content—including social media, user-generated content, reverse image/video searches, and arbitrary URLs (see OSINT_VERIFICATION.md and Stages 3–4 of the Evidence-Chain workflow)—so the agent will ingest untrusted third-party content as part of its workflow.