cti-domain-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and cti-search.md workflows explicitly instruct the agent to execute scoped web searches across a curated public domain list (references/domains.txt / references/tier-map.json) — including untrusted/community sources such as reddit, gist.github.com, raw.githubusercontent.com and news sites — and to extract summaries/IOCs and use those findings to rank results, recommend detection steps, and push sources to NotebookLM, meaning arbitrary third‑party content is ingested and can materially influence tool use and next actions.