search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md "Deep dive" workflow explicitly instructs the agent to use WebSearch/WebFetch and to run content = WebFetch(url=result.url, prompt="Extract key findings"), meaning it will fetch and interpret open/public third‑party web pages (potentially user‑generated) and use that content to drive its research and decisions.