docs-validator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Validation Process and "Validate Links" steps explicitly extract and test external HTTPS URLs from documentation (grep -r "https://" docs/; "Test each URL (if online)") and the report examples act on those external pages (e.g., "Broken External Link... Fix: Update to https://new-url.com/download"), which shows the agent fetches and interprets untrusted public web content as part of its workflow.