prompt-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly describes ingesting and analyzing untrusted external content (e.g., "summarize webpage" and Attack Scenario 2 in references/threat-model.md, including the process_external_content example), so the agent is expected to read public/third-party web/doc content as part of its workflow.