web-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly directs the agent to use "available web search tools" to gather information from the open web and to "cite specific sources with URLs," meaning the agent will fetch and read untrusted public third-party content (public websites/URLs) that could carry indirect prompt injection.