WorldThreatModelHarness

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's UpdateModels and TestIdea workflows explicitly invoke the Research/WebSearch skills and instruct agents (see Workflows/UpdateModels.md Step 3 and the agent prompt's "RESEARCH: Use WebSearch..." plus TestIdea's Deep tier "Research update check") to fetch and ingest public web content for creating/updating models, so untrusted third-party pages can directly influence analyses and downstream tool use.