Oracle Agent Spec Expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly defines AgentNode/tools and workflows that fetch and interpret public web content (e.g., the "Multi-Agent System" researcher agent with tools: web_search and fetch_document, the "ResearchPipeline" pattern using [web_search, fetch_docs], and APINode examples like https://api.weather.com) so the agent is expected to ingest untrusted third‑party content that can influence downstream actions.