fact-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly performs web searches and ingests content from public third‑party sources (Step 2: "Search authoritative sources" — e.g., GitHub repositories, npm/PyPI package registries, and general web/official pages) which the agent is expected to read and use to generate correction reports, exposing it to untrusted/user-generated content.