skill-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill delegates to the "general-research-agent" which explicitly "search[es] web for documentation and examples" (Stage 5), meaning the agent will fetch and read open/public third-party content as part of its workflow, exposing it to potential indirect prompt injection.