agent-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly performs mandatory WebSearch/WebFetch/Exa fetches of public third‑party sites (e.g., BLS, Ongig, MyMajors, stripe.com and arbitrary WebFetch/WebSearch results) as part of its required research and occupational-alignment workflow, and those fetched pages are parsed and used to choose skills, routing keywords, agent configuration, and spawning behavior—allowing untrusted external content to materially influence actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.70). The skill explicitly performs runtime WebFetch/WebSearch of external sites (for example https://www.bls.gov/ooh/a-z-index.htm) as a required part of its Research Gate/Step 2.3 flow and uses the fetched content to derive agent instructions and skills, so external content fetched at runtime can directly influence agent prompts and behavior.