subagents-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the "librarian" subagent to use GitHub CLI, Context7, Web Search and webfetch to search external websites, OSS and docs (see references/delegation-patterns.md and references/subagent-types.md), meaning the agent will fetch and read untrusted public third‑party content such as web pages and repos.