ito-data-atlas-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The required workflow explicitly includes a “Research collector” lane that pulls from public web content (and other outsider-authored sources like X/GitHub/venue docs) at runtime, which can be ingested as free-form text into the agent’s LLM context via the deep-research/source-collection chain.