orchestrate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs research agents to "Use WebSearch and WebFetch to get current docs" and to "find blog posts, GitHub repos, and official docs" (see the "Prompt Template: Research Agent" and "Pattern A" sections), which clearly causes the agent to fetch and interpret untrusted public web content that can materially influence subsequent orchestration and actions.