rq-morning-note

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly accepts and validates web_search_findings.json (populated via the SKILL.md / references/web_search.md "web_search" flow) and generate_report.py reads those external URLs/summaries and uses them to compute the exec summary, opening stance, watchlist and trade observations—so untrusted public web/news content is ingested and can materially change the agent's decisions.