fact-check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to click and verify external public links (Phase 2 "Check all MDN links" and Phase 4 "Check each external link") and to read content from public sites such as MDN, the ECMAScript spec (tc39.es), Can I Use, GitHub TC39 proposals, and arbitrary external resources, so the agent will ingest untrusted/public third‑party content as part of its workflow.