yandex-wordstat
Warn
Audited by Snyk on Apr 10, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to perform WebSearch for intent verification (see SKILL.md "CRITICAL: Intent Verification" / "MANDATORY: Use WebSearch"). It also programmatically fetches user-generated search phrases from the Yandex Wordstat API (scripts/top_requests.sh and missed_demand.py query-total → topRequests). The agent therefore ingests untrusted third-party content (search results and public search-query data) and uses it to decide or alter its next actions (marking queries target/non-target, building OR-queries, adding minus-words), which meets the criteria for indirect prompt-injection risk.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).