smart-sourcing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md Decision Framework and Implementation sections explicitly direct the agent to "Perform web search, cite source" and the examples show fetching and citing public URLs (e.g., GitHub releases, FastAPI release notes, PEP pages), meaning the agent will fetch and interpret open/public third-party content that can materially influence its actions.