mel-framework-citation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's "Verification protocol" explicitly requires running WebSearch/WebFetch to retrieve and verify canonical publisher URLs and recency of publicly available sources (e.g., "run a WebSearch to confirm the cited edition" and "run WebSearch (or WebFetch) for each source"), which means the agent will fetch and interpret untrusted third‑party web content that can change its citations and decisions.