reasoning-trace-optimizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly defines and uses web_search and read_url tools (see README and examples/03_full_optimization.py and SKILL.md) to fetch public URLs (e.g., arxiv.org, docs.anthropic.com, minimax.io) and then analyzes those fetched pages as part of the OptimizationLoop/TraceAnalyzer to modify prompts and drive subsequent tool actions, so untrusted third‑party content can materially influence the agent's decisions.