codex-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's documentation explicitly exposes the agent to open web content via the codex CLI's --search/web-search option (see "关键参数" and the "--search 启用 web 搜索工具" line in SKILL.md), which lets Codex fetch external, potentially untrusted web results that can influence its outputs and subsequent actions.