educates-course-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md) requires the agent to perform web searches/web fetches and to read and act on external resources recorded in planning/resources.md ("Any time a web search or web fetch yields a useful resource — add it to this file immediately" and "Consult the course resources: Read planning/resources.md") which exposes the agent to untrusted public web content that can influence planning and subsequent actions.