reverse-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 Business Context Analysis explicitly instructs the agent to examine "marketing pages, landing pages" (public web content) and to use the Explore agent to gather signals, meaning it will fetch and interpret open/public third-party webpages as part of its required workflow, which could enable indirect prompt injection.