agent-expert-creation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's plan and research workflows explicitly include the WebFetch tool (see the Plan command header "allowed-tools: Read, Glob, Grep, WebFetch" and the "Research Expert" pattern listing "Tools: WebFetch, Read, Write"), which means the agent can fetch and read arbitrary public web content and use it to influence planning, specs, and actions.