agently-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly enables web Search and Browse (references/builtin-tools.md) which fetch open/public web pages and search results, and the docs (references/observability-and-results.md and references/tool-loop-and-control.md) state those tool outputs are injected back into the request and used for planning/answers, so untrusted third-party content can materially influence agent behavior and enable indirect prompt injection.