prompt-engeneering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core instructions explicitly direct agents to "Browse the web" and use RAG/web research (see SKILL.md "Web Research Prompts" and references/gpt5-family-prompting.md / references/gpt5-prompting-guide.md "Web Research — Full Agent Prompt"), meaning the agent is expected to ingest open/public, untrusted web content that can influence tool use and subsequent decisions.