swing-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires using WebSearch/WebFetch in Stage 2 to fetch and ingest open web content (e.g., GitHub, social media, public websites as listed in the Source Tiers) and instructs the agent to read and cross-verify those sources to drive findings, so untrusted third-party content can directly influence the agent's decisions.