web-research-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches and ingests open/public third‑party webpages (e.g., Tavily extract/map/crawl in references/tavily-api.md and agent-browser open/get text in rules/browser-patterns.md and monitoring-competitor.md) and then reads and acts on that content for extraction, diffs, alerts, and tool-selection, which exposes the agent to untrusted third‑party content that could contain indirect prompt injections.