web3-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The tavily_search script (scripts/tavily_search.py) performs web searches via the Tavily API and returns content from public third‑party domains (e.g., coindesk.com, cointelegraph.com, decrypt.co, theblock.co, defillama.com, etc.), which the agent ingests and is expected to read as part of its research workflow.