verify-known-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs WebSearch (Step 2) to gather evidence from public sites like GitHub, Stack Overflow, and other public documentation and then passes those URLs to a verification sub-agent (Step 4), so the agent will fetch and read untrusted, user-generated third‑party content.