index-lib-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and parses content from public third-party sources — e.g., Phase 3 uses curl against registry.npmjs.org, WebSearch to find documentation sites, and fetching GitHub READMEs / docs sites (including checking {docs_url}/llms.txt) — which are untrusted public webpages and the agent is expected to read and interpret them as part of its workflow.