earnings-deep-dive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The runtime LLM context can include outsider-authored free text via quotes_df → render_tearsheet/render_deep_dive which inserts QuoteText (and related fields) from inputs.normalized.quotes_csv into generated report text; those quotes are outsider-authored unless the operating user authored them.