brainstorming-ideas

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 4 "Research Similar Solutions" explicitly instructs calling Perplexity and then using WebFetch on citation URLs to extract implementation details from public websites (WebFetch(url="", ...)), so the agent will fetch and interpret untrusted third‑party web content that can change its recommendations and follow-up actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's Phase 4 explicitly calls WebFetch(url="", prompt="Extract implementation details...") at runtime to fetch external content and extract/inject those findings into the agent's outputs, so external URLs (e.g., "") directly influence prompts and behavior.