system-prompt-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to ingest content from arbitrary URLs and the open web (e.g., SKILL.md and references/examples.md include "load_dataset(path): Use when user provides file path or URL" and the Research/Web Search Agent examples that say "Search the web for current information"), so untrusted third‑party content would be read and could influence tool use and decisions.