quad-fact-check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs "Opus が WebSearch で一次ソースを確認" and to collect "追加検証情報" from web searches to feed back into Gemini/Codex queries, so the agent fetches and interprets open/public web content that can change its verification decisions.