web-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly gives spawned subagents access to web_search (Tavily) and instructs them to perform web searches, include source URLs and quotes, and the skill also exposes a fetch_url tool for converting arbitrary web pages to markdown, so the agent will ingest open/public third‑party web content as part of its workflow.