security-best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow in SKILL.md explicitly instructs that if no relevant files exist in the skill's references directory the agent "can try to search online for documentation on security best practices," which directs the agent to fetch and read open/public third-party web content that could influence its subsequent analysis or actions.