info-search-knowledge

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to search, read, and ingest content from open public sources including user-generated sites such as Reddit, GitHub, Stack Overflow, app store reviews and social media (and to save those results into the knowledge base), which are untrusted third‑party content that could carry indirect prompt injection.