ar-filter-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SSE event reference (references/SSE-EVENTS.md) and the "Web Search" event flow explicitly show the agent performing web_search_query and ingesting web_search_citations (external URLs), indicating it fetches and uses open web search results that could influence its actions.