deep-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Bibliography Agent explicitly performs systematic external database searches (agents/bibliography_agent.md: "Execute Search", "DATABASES", Step 2 and Step 4.5 Semantic Scholar API, and includes "grey literature" / Web sources), and the Monitoring Agent explicitly references public trackers (monitoring_agent.md: Google Scholar, PubMed, Retraction Watch, arXiv/SSRN), so the agent will ingest and read open third‑party web/preprint/grey‑literature content that can influence downstream analysis and actions.