morphiq-track

Warn

Audited by Snyk on Mar 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill's pipeline (see SKILL.md Step 2 and scripts/run-queries.py) fetches and ingests provider responses, including citations and sub-queries. references/provider-strategies.md and references/share-of-voice.md show extraction of URLs from web_search results, forums/social/video sites, and sub-query tool calls. Those untrusted public sources are explicitly analyzed and used to generate flagged actions, content briefs, and follow-up tool actions, creating a clear path for indirect prompt injection via third-party content.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 29, 2026, 05:53 PM
Issues: 1