x-collect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly directs the agent to run multi-round WebSearch queries (Rounds 1–4) against public sources like "GitHub", "official announcement", reviews and tutorials and then synthesize those third-party web results into a report and next actions, so it clearly ingests untrusted public content that can influence behavior.