aeon-deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires pulling from and synthesizing public primary/secondary sources and market signals (e.g., "Pulls from primary sources... secondary third (media, newsletters), market signal last" and "Sources — deduplicated, primary first"), which means the agent will fetch and interpret untrusted, user-generated third-party content as part of its workflow.