workflow-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow-creation steps explicitly mandate web research and fetching from public sources (Step 2.5 "Workflow Pattern Research" with WebSearch calls and the "Research Gate" section requiring mcp__Exa__web_search_exa and WebFetch to arXiv), so the agent ingests untrusted public web content that can influence workflow design and subsequent tool/invocation decisions.