customer-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Mode 2 workflow and its referenced source guide explicitly instruct the agent to fetch and mine untrusted, user-generated content from public sites (e.g., Reddit, G2/Capterra, Hacker News, YouTube comments, LinkedIn, app store reviews) as part of its required research steps (SKILL.md and references/source-guides.md), so third-party content would be read and used to influence analysis and actions.