vault-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly instructs the agent to run tracks that ingest public, user-generated sources — e.g., "community discussions (Reddit/HN/forums)" and "market signals (funding/trends/news)" — and to synthesize those findings into notes and next actions, which means untrusted third‑party content is read and can materially influence decisions.