agent-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required Step 3 explicitly instructs the agent to run web_search " free API" and curl arbitrary API endpoints (and Step 1 suggests using Bird/Twitter search), which fetches and ingests untrusted public web/social content that the pipeline must read and use to choose APIs and design endpoints.