tool-selector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes "Web search" as a core tool in SKILL.md and shows workflows that run web searches (e.g., "Web search x3" in references/EXAMPLES.md) where the agent reads external/public web content and uses those results to drive subsequent tool calls, creating exposure to untrusted third‑party content that could carry indirect prompt injection.