model-hierarchy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly lists "URL fetching and basic parsing" as a routine task and shows an integration example that spawns a sub-agent to "Fetch and parse these 50 URLs," meaning the agent will ingest arbitrary third‑party web content (webpages/URLs) that could influence its routing or actions.