meta-skill-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow directs the agent to use references/security-guidelines.md for third‑party service calls, and that document explicitly instructs using "web_search" to look up external API/docs and includes example code for calling external APIs, so the agent would fetch and interpret open/public web content that could materially change its actions.