ai-agent-builder

Warn

Audited by Snyk on Mar 5, 2026

Risk Level: MEDIUM

Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs agents to perform web searches and ingest public search results (e.g., the n8n_agent_workflow system_prompt listing "Search the web for information", the ReAct pattern with Action: web_search("X") → Observation: [search results], and the Research Agent tools: web_search/news_search/wikipedia_lookup), which means the agent fetches and reads untrusted public third-party content that can influence subsequent actions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 5, 2026, 03:32 AM