managing-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's API client generator (temp-agents/api-client-generator.md) explicitly states it can use "WebFetch" to retrieve OpenAPI/Swagger specs from arbitrary URLs, so the agent fetches and parses untrusted third‑party content (public URLs) as part of its workflow, which could enable indirect prompt injection.