codex-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly supports a top-level --search flag that "Enable[s] web search tool" (SKILL.md under "Useful Flags" and "Important Flag Placement"), which would ingest public web content into the agent's workflow and could therefore influence subsequent tool use or automated actions.