planning-with-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's examples and templates explicitly instruct the agent to perform web searches and record external URLs (e.g., "WebSearch 'morning exercise benefits'" in Example 1 and the notes.md "Sources" section with "URL: [link]"), which means the agent will fetch and ingest open/public third‑party content as part of its workflow.