building-subagents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Research phase and Research Depth levels explicitly require web searches ("medium" = "+ Web search for patterns" and "thorough" = "+ Multiple sources") and Phase 3 lists Web tools (WebFetch, WebSearch), which means the agent is expected to fetch and read open/public web content that could be untrusted and therefore enable indirect prompt injection.