overseas-registry-source-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires sweeping, fetching, testing, and downloading from local and broader third-party public sources (see "Gate 3: Sweep third-party sources" and "Gate 5: Run the validation loop" plus use of scripts like search_boundary_probe.py and http_download_template.py), so the agent will ingest untrusted, user/website-provided content that can materially influence subsequent tool use and decisions.