advanced-tool-usage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs using web/search tools in its workflow (see SKILL.md and references/patterns.md — e.g., the "Search-then-Process Pipeline" calling tavily_search and read_url) to fetch and parse public search results and webpages, which are untrusted third-party content that the agent reads and uses to drive subsequent tool actions.