web-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs spawned subagents to use the web_search tool (Tavily) and fetch_url to gather and quote content from public websites (see the "Subagent Instructions Template" and "Research Subagent Configuration"), and those findings are read and synthesized to drive the agent's analysis and actions, so untrusted third-party content can influence behavior.