research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Gather" step explicitly calls out "WebSearch" and "WebFetch for specific pages" to collect docs, articles, and pages from the open web, meaning the agent will read and interpret untrusted third-party content from public websites.