agent-builder

Warn

Audited by Snyk on Apr 16, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). In its Workflow and "When to Fetch Docs" sections, SKILL.md explicitly instructs the agent to "Fetch relevant documentation" and to "Use WebFetch tool to pull latest documentation from source URLs" (e.g., https://github.com/anthropics/claude-agent-sdk-python and https://code.claude.com/docs/en/headless). The agent is expected to read those fetched public pages and use them to determine CLI flags, API signatures, and tool behavior, which creates a clear path for untrusted third-party content to influence its actions.

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 16, 2026, 11:55 PM
Issues: 1