blog-outline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (Step 2: "Use WebSearch" and "Use WebFetch on the top 2-3 results") instructs the agent to fetch and analyze top search results and page content from public websites, which are untrusted third-party sources and are used to drive the outline and content-gap decisions.