essay-pipeline

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly delegates factual verification to the essay-fact-checker sub-agent which performs WebSearch/WebFetch against open web sources and returns source URLs (see "Fact-Check Tiers Reference" and the "Fact-Checker Invocation Protocol" in SKILL.md/references), and the orchestrator reads and acts on those results to revise claims and drive pipeline decisions, exposing the agent to untrusted third-party content that can influence actions.