multi-agent-systems

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md and references (Parallelization Pattern / research_subagent examples) explicitly show subagents invoking tools like "web_search" and "read_document", which causes the agent to fetch and interpret open/public web documents as part of its workflow, exposing it to untrusted third-party content that can influence subsequent actions.