reference-searcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). SKILL.md's "Search Strategy" (Layer 2: Open-Source Implementation Examples — e.g., grep.app/GitHub search) and "Layer 3: Web Search (Current Information)" explicitly direct the agent to fetch and synthesize content from public GitHub repos and web articles, meaning untrusted third‑party content will be read and used to drive recommendations and decisions.