planning-with-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples (examples.md) explicitly instruct the agent to perform WebSearch and record/read findings with URL fields in notes.md (e.g., "WebSearch 'morning exercise benefits'" and the notes.md Sources section), so the agent is expected to fetch and interpret content from public third‑party websites/URLs.