run-industry-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow and mission briefs (e.g., SKILL.md and references/agents/mission-briefs.md and references/agents/research-powerpack-and-explore.md) explicitly instruct agents to run web-search/WebFetch/scrape-links/raw-scrape-links and to capture and preserve public Reddit/HN/forum threads and other public URLs as evidence, so it clearly ingests untrusted, user-generated third‑party content that the agent must read and that can influence synthesis, rankings, and next actions.