smart-sourcing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "perform web search, cite source" and shows examples citing public URLs (e.g., PEP 695, FastAPI release notes, GitHub releases), which requires fetching and interpreting untrusted, user-accessible web content.