ai-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples and tool patterns explicitly show agents calling web-search and document-fetching tools (e.g., the SKILL.md agent_loop using search/read_page, references/examples.md ResearchAgent with WebSearch() and FetchDocument(), and MCP "Resources" for fetching URLs), which means the agent is expected to ingest untrusted public web content and so is exposed to indirect prompt injection risks.