agent-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs WebSearch/WebFetch of public sites (see "Step 2: Research the Domain" and "Step 2.3: BLS/Ongig/MyMajors" and "Step 2.5: Exa searches") and requires incorporating those public, untrusted pages into research, keyword/routing registration, and agent-generation decisions, so third‑party content is read and can materially influence tool use and next actions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill explicitly performs runtime WebFetch calls to external sites (e.g., https://www.bls.gov/ooh/a-z-index.htm) as a MANDATORY, blocking occupational-alignment step whose fetched content is injected/parsed to guide agent generation and prompts, so this external URL is a runtime dependency that directly controls agent instructions.