honest-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to fetch and validate external, public web content (e.g., using WebFetch/WebSearch/Context7 to query package registries like registry.npmjs.org and pypi.org and general web sources) as part of its research-validation workflow (see references/research-playbook.md and SKILL.md), so untrusted third-party content is ingested and can influence findings and actions.