gate-info-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly calls gate-cli news endpoints (e.g., news feed search-news, news feed get-social-sentiment, news feed search-ugc, news events get-latest-events) as required steps in the SKILL.md playbooks (notably the research_plus_news playbook), which ingests public/user-generated news and social UGC that the agent must read and synthesize into its report and thus could enable indirect prompt-injection from untrusted third-party content.