subagent-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly allows subagents to perform web fetch/search and "research tasks (API documentation lookup, code analysis)" (see execution_model and references/subagents.md which list WebSearch/WebFetch and references/error-handling-and-recovery.md which shows "fetch latest API documentation from web"), so the agent is expected to read and act on open/public third‑party content that could contain untrusted instructions.