claude-agent-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's API reference and docs explicitly expose WebFetch/WebSearch (references/api-reference.md) and custom MCP tools that fetch arbitrary URLs and external APIs (references/custom-tools.md), which the agent is expected to read/interpret and can drive subsequent tool use—allowing untrusted web content to indirectly inject instructions.