skill-workflow-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly allows subagents to fetch and research external web content (e.g., "Subagents can use ... WebSearch, WebFetch" in references/subagents.md and examples like "Attempt to fetch latest API documentation from web" in references/error-handling-and-recovery.md), so the agent will read and act on untrusted public web/third-party content.