retrieval-search-orchestration
Warn
Audited by Snyk on Feb 27, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs retrieval and ingestion of external source documents: for example, "Retrieve source documents for edges" in the Query Decomposition / ReAct examples in SKILL.md, and the provenance guidance in resources/provenance-patterns.md, which requires storing source_url and cites examples like PMC12345 and FDA_LABEL_678. It therefore reads and acts on third-party (including untrusted/user-generated) content that can influence subsequent LLM actions.