wiki-research-loop
Warn
Audited by Snyk on May 12, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's source fetchers (scripts/source-fetchers/web.js, arxiv.js, and github.js) pull content from public sites (DuckDuckGo, export.arxiv.org, api.github.com). That content is parsed by compilePage and deriveFollowUps to extract claims, write wiki pages, and enqueue follow-up seeds; that is, untrusted third-party content is ingested and directly drives subsequent actions.
Issues (1)
W011
MEDIUM Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata