agent-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly exposes the agent to open web/untrusted third‑party content by allowing execution of web-search apps (e.g., tavily/search-assistant, Exa Search) shown in the Quick Examples and "What's Available", so the agent would fetch and read public search results as part of its workflow.