building-agents-core

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill defines a "search-web" NodeSpec that uses tools like "web_search" and mentions "web_scrape" (scraping arbitrary URLs) so the agent will fetch and read untrusted public web content (e.g., "system_prompt='Search the web for: {query}'" and tools=["web_search"] / web_scrape) as part of its workflow.