automation-debugger

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 2 "Web Research" explicitly instructs using a WebSearch tool to fetch and ingest public web content (e.g., Microsoft Learn, community forums and Stack Overflow) when local docs are insufficient, so the agent will read untrusted third-party/user-generated content via the WebSearch tool.