agent-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs agents to use web_search, fetch_url, and crawlers (see SKILL.md and references/implementation-templates.md—Research Agent and Multi-Agent examples using web search, LinkedIn API, company website crawler, Google Trends, competitor blog crawler) to retrieve public web and social content that the agent must read and use to drive decisions (e.g., lead scoring, outreach, research), so untrusted third-party content can materially influence behavior and enable indirect prompt injection.