invoice-generation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SSE event documentation (references/SSE-EVENTS.md) explicitly documents web_search_query and web_search_citations events that return public URLs and search results, showing the agent fetches and ingests open web content (third‑party URLs) which can influence its responses and tool use.