unifuncs-deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow calls the UniFuncs Deep Research API endpoints (e.g., https://api.unifuncs.com/deepresearch/v1/create_task and /chat/completions) to perform "multiple rounds of searching and reading" and stream/render returned research content (including link-style references), which clearly ingests untrusted public-web/user-generated content that the agent reads and uses to drive report generation—allowing indirect prompt injection.