autonomous-agent-harness

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly includes enabling "Brave Search (Web research)" in the Agent Configuration and asks for a GitHub repository URL in Project Basics, which indicates the agent will fetch and act on arbitrary third‑party web content and repos as part of its workflow (SKILL.md: "MCP Servers to Enable" and "GitHub Repository" fields).