notebook-ml-architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent to use web_search_exa / crawling_exa / deep_search_exa to discover and pull full content from web URLs and to use searchGitHub to read public .ipynb repos (see "Exa Search
• Current Best Practices" and "GitHub Search"), which exposes it to untrusted, user-generated third-party web content that the agent will read and interpret.