researching-codebases

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly includes a web-searcher subagent (agents/web-searcher.md and agent-selection.md) that uses WebFetch to fetch and analyze external web pages (docs, blogs, Stack Overflow/forums) as part of normal workflow, so it ingests untrusted third-party content that can influence agent decisions.