research-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Phase 2 and Phase 3 (in SKILL.md) explicitly require performing targeted web searches and to "Fetch the top 2-3 most relevant results" and extract code/config snippets—while the Source Hierarchy names untrusted user-generated sources like Stack Overflow and blog posts—meaning the agent will ingest and act on public third‑party content that can influence decisions.