grounding-router

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs CLIs (e.g., research pex-grounding/academic, pdf-search/pdf-brain) from scripts like scripts/extract.py and pipeline templates which pull content from open web providers and public sites (providers listed such as "perplexity", "serp" and domains like derangedphysiology.com, litfl.com, emcrit.org), and that fetched third-party content is then ingested and synthesized by the Σ/Δ/Ρ pipeline—so the agent will read/interpret untrusted public content that could enable indirect prompt injection.