gobi-onboarding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-provided public webpages and web clippings (see "1-1. 홈페이지 있음" where the agent "가져와서 프로필을 만들어드릴게요" and "1-2. 웹 중심 사용자"/example articles) and also runs news-brushing ("2-1. 뉴스 브리핑") and EIC/EDM pipelines to parse that content into BRAIN.md and downstream actions, meaning untrusted third-party content is read and can materially influence agent decisions and tool use.