Evals

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's evaluation workflows and grader configurations explicitly reference and require tool calls like "web_search" and "read_source" (see Data/DomainPatterns.yaml and grader logic that consumes transcript.tool_calls and context.output for research graders and LLM-based judges), which means the agent will fetch and evaluate content from public web sources (untrusted/user-generated) as part of its workflow.