web-research-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests public third‑party web content (via WebFetch, Tavily search/extract/map/crawl in references/tavily-api.md, and agent-browser open/wait/get text examples in SKILL.md and rules/browser-patterns.md — e.g., agent-browser open https://competitor.com/pricing) and then reads and uses that content to drive parsing, change-detection, and alerting, so untrusted web content can materially influence agent actions.