agentic-harness-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly supports HTTP hooks, external-process hooks, and dynamically loaded plugins whose outputs (JSON, stderr, or injected context) are merged into the agent's prompt and permission flow—see references/hook-lifecycle-pattern.md and the SKILL.md "Skills" / "Hook Lifecycle Pattern" sections—meaning untrusted third‑party responses can be read and can influence tool decisions and actions.