privacy-by-design-rails

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs "Use WebFetch when needed" under External References (and references/pii-definition.md describes a dynamic "web search" step to discover market-specific PII), so the agent is expected to fetch and interpret open/public web pages which can change scanning rules (PII patterns) and thus materially influence its decisions.