mckinsey-consultant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs repeated web_search calls against public web pages (see SKILL.md and references/methodology.md describing STEP 3 and STEP 6-7 web_search and recording source URLs into Excel), so the agent ingests and acts on untrusted third‑party content which can materially influence generation and tool actions.