create-locked-down-skill

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly allows WebSearch and WebFetch in its required permissions and "Research" workflow (permissions block in Step 3 and the "Research" allowed tools list), which means the agent will fetch and read open/public web content (untrusted third-party pages) that can influence its actions.