web-search-fallback

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill directs the agent to use a general-purpose "Task" autonomous agent to "Research: [your query]" and states it has access to "multiple data sources" as a fallback to WebSearch, which implies it will fetch and ingest open/public third-party web content for queries (untrusted/user-generated) that the agent will read and interpret.