gemini-system

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs using "Google Search grounding" and templates to fetch and analyze public web resources (e.g., GitHub READMEs, Issues/Discussions, Stack Overflow, PyPI, blogs) as shown in SKILL.md and references/lib-research-task.md, meaning untrusted third‑party content is ingested and can influence agent actions.