research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to perform web research using the gemini CLI or a WebSearch tool and to fetch/read third‑party content such as GitHub repositories, official docs, blogs, and community resources (see "Systematic Information Gathering" and "Deep Content Analysis" in SKILL.md), which are untrusted public sources that the agent must read and act on.