prompt-engeneering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly instructs agents to "Browse the web" and use RAG/web-research (see SKILL.md "Web Research Prompts" and the referenced "Web Research — Full Agent Prompt" in references/gpt5-family-prompting.md), so the agent is expected to fetch and interpret open/public third-party content (web pages, documents) which can materially influence tool calls and decisions and therefore enables indirect prompt injection.