de-residency-advisor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly mandates "live research" and instructs the agent to run site: queries and fetch/read authoritative city, state and federal webpages during the workflow (see SKILL.md "Live research, every time", README.md "expects the host agent to be able to look up and read web pages live", and references/research-playbook.md with site: query examples), so it consumes open/public third‑party web content and uses that content to drive decisions and next actions — creating a clear avenue for indirect prompt injection via fetched pages.