think-router

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill’s integration section explicitly lists “web extraction” as an extension of the deep-research skill, indicating the agent can fetch and ingest third-party web content (public websites) as part of research workflows, which could expose it to untrusted user-generated content and indirect prompt injection.