gemini

Warn

Audited by Snyk on Mar 10, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to use the Gemini CLI web_search/extension flags (see the "Research with web search" examples in SKILL.md, and references/command-patterns.md and references/gemini-help.md, which document -e/--extensions and -e web_search). As a result, the agent will fetch and read public web content (untrusted third-party pages) that can influence its actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 10, 2026, 08:16 AM