swain-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md Step 1 sources and Step 2 "Collect and normalize" — e.g., "Web page URLs" and "Forum threads / discussions") explicitly fetches and ingests web pages, forum threads, and other public URLs, so the agent consumes untrusted third‑party content that can materially influence synthesis and follow-up actions.