claude-capabilities

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to use built-in web search to verify claims (Maintenance and references/claude-ai.md) and includes examples that fetch external URLs (references/models.md curl commands and the "check https://www.anthropic.com/news" step), so the agent is expected to fetch and read untrusted public web content.