doc-coauthoring

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Context Gathering stage explicitly instructs the agent to fetch and read external content (e.g., "If they provide a link to a shared document, use available tools to fetch it" and "If tools are available for fetching external content (web search, URL fetcher, etc.), mention that these can be used to pull in context directly"), so the agent will ingest untrusted third-party/user-provided web or document content that can influence subsequent drafting and actions.