WorldThreatModel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The UpdateModels workflow (Workflows/UpdateModels.md Step 3 and the included Agent Prompt Template) explicitly requires invoking the Research skill and "Use WebSearch" to gather current web content for each horizon, and TestIdea's Deep/Standard tiers run Research checks—meaning the agent ingests open/public third-party content and uses it to drive analysis and decisions.