concept-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly tells the agent to perform "Web検索" and collect information from official docs, technical blogs, and Context7 (see Quick mode "やること" step 1, Deep mode "フェーズ1" step 1, and the "リサーチソースの選択" table), meaning it fetches and ingests open/public third‑party content that the agent will read and use to produce outputs, allowing indirect prompt injection.