container-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md's "Version Checking" section explicitly instructs the agent to "Use WebSearch or WebFetch to verify current versions" and points at public sites (e.g., Docker Hub and GitHub/distroless), meaning the agent is required to fetch and interpret open, third‑party web content (Docker Hub/GitHub) that could influence image selection and subsequent actions.