info-gathering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow explicitly instructs fetching and ingesting open/public third-party content (e.g., GitHub, Stack Overflow, Reddit, public web pages and mentions using a WebFetch tool) as part of its main research/execution steps (see SKILL.md and references/tech-research-methods.md), so untrusted user-generated content can directly influence the agent's decisions and tool use.