deepagents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation and examples explicitly show subagents and middleware configured with web-search/fetch_url/tavily_search tools (see "SubAgentMiddleware" and examples like tools=[web_search, fetch_url] and "examples/deep_research" / CLI "Web search integration"), meaning the agent will fetch and interpret open web content that can influence its subsequent tool calls and decisions.