research-outline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.85). The skill’s Step 2 explicitly launches a background “general-purpose” web-research agent to supplement items “within {time_range}” and returns “Sources Source”, which implies runtime fetching/scraping of public web pages whose free text is then ingested into the subagent/LLM context (outsider-authored web content).