dag-hallucination-detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly extracts arbitrary https?:// URLs from agent outputs (extractCitations/extractCitations) and the verifyUrl function performs network fetches (fetch(url, { method: 'HEAD' }) when context.allowNetworkVerification) so it ingests untrusted third-party web content that can affect verification findings and downstream behavior.