validation-doctor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly calls brave_web_search to retrieve open web search results and even permits a fetch fallback for Chrome probes, so the agent ingests untrusted public web content as part of its diagnostic workflow.