debug-like-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to perform web searches and consult public sources (e.g., "Use web search for error messages" in evidence_gathering and the "Web Search" / "GitHub Issues Search" guidance in references/when-to-research.md), which means it will fetch and read untrusted, user-generated content from the open web as part of its workflow.