research-external

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly runs web-research tools (perplexity-search, nia-docs) and a scraper (firecrawl_scrape --url "$FOUND_DOC_URL") to fetch and ingest public documentation and web pages, and then synthesizes those findings into recommendations and handoffs that drive downstream actions, exposing the agent to untrusted third-party content that could contain injected instructions.