agent-orchestrator-standalone

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs agents to fetch and use external web content (see SKILL.md step "Use skills when they directly match a subtask" with the example $web-fetch-to-markdown <url> and the requirement to "identify any authoritative sources (docs/specs) and record what claims must be backed by evidence"), meaning untrusted public webpages could be ingested and used to influence decisions and tool actions.