research-fleet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md requires spawned scout agents to "formulate, search, extract, write" using WebSearch/WebFetch (see the "Each scout follows the /research protocol" and "WebFetch Restrictions" sections, including fetching raw GitHub READMEs), so scouts ingest untrusted public web content that can materially influence the compressed brief, Wave 2 decisions, and final recommendations.