brand-wave-artisans

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly enables fetching public web content for grounding (SKILL.md imagery guidelines: "Grounding references: Peter Lindbergh, Ellen von Unwerth (use with enable_web_search: true)") and the manifest also references an external CDN for icons ("icons.source": "https://unpkg.com/..."), so the agent may fetch and interpret open, third-party pages/assets as part of its workflow, which could permit indirect prompt injection.