blog-factcheck

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly fetches cited web pages via WebFetch as part of its verification workflow (SKILL.md Step 3: "Fetch the source page via WebFetch") and then reads and interprets that arbitrary third-party page content to assign confidence scores and decide follow-up actions, so untrusted web content could inject instructions that influence agent behavior.