proactive-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly instructs the agent to use a browser and web search, check GitHub/issues, and install or vet skills from external sources (see "Relentless Resourcefulness" and "Skill Installation Policy" / "Security Hardening"), which demonstrates the agent will fetch and read public third‑party content (websites, GitHub, social/agent directories) that could carry untrusted, user‑generated instructions influencing its actions.