audience

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly requires using the Browser to research public web sources (web searches, YouTube, forums) and to fetch image URLs from Wikimedia Commons/Google Images and include 2–4 external references, so the agent will ingest and interpret untrusted, user-generated third-party content.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly requires using the Browser at runtime to fetch and include external references/images (e.g. https://upload.wikimedia.org/wikipedia/commons/3/39/ASIMO_4.28.11.jpg), which will be injected into the agent's context and thus can directly influence/drive prompts at runtime.