deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md requires a --config-json with sources that can include "web" and "papers" and the examples explicitly run deeptutor with ["web"] or ["web","papers"], so the agent will fetch and ingest public third‑party web/paper content (untrusted) as part of its workflow and that content can materially influence outputs.