deepresearch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required agent workflow and prompts explicitly instruct background agents to "Fetch and READ actual URLs" from open/public sources (e.g., NVD, MITRE CVE, vendor advisories, GitHub repos, researcher blog posts, product pages, app store listings) and to base the research, gap analysis, and later design (Part 4) on those fetched sources, which clearly exposes the agent to untrusted third-party content that can materially influence decisions.