debugging-with-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly dispatches an "internet-researcher" to search and ingest public sites (e.g., Stack Overflow, GitHub issues, and arbitrary web pages) and instructs the agent to read and interpret those results, which are untrusted third‑party/user‑generated sources that could enable indirect prompt injection.