adk-agent-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow and examples (PRD.md FR-4, references/examples.md, and ARD.md "Tool Usage Pattern"/"Tool wiring") explicitly scaffold and register tools like github_fetcher, web_search, and doc_reader that fetch and ingest public user-generated content (GitHub PRs, web search results, webpages) which the generated agent is expected to read and act on, exposing it to untrusted third-party content that could enable indirect prompt injection.