librarian

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly performs searches and ingests content from public third-party sources—e.g., GitHub repositories and issues/PRs, Stack Overflow answers, and external technical blogs/websites—so the agent will read and interpret untrusted user-generated web content that could contain indirect prompt injections.