coding-agent-docs

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md workflow instructs the agent to read references/documentation-urls.md and use WebFetch to fetch and summarize/extract content from public documentation URLs (e.g., opencode.ai, developers.openai.com, code.claude.com), meaning the agent will ingest third-party web pages and act on their instructions as part of its workflow.