workflow-updater

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Research Gate (Step 2) mandates running WebSearch/WebFetch (e.g., arXiv via WebFetch and Exa web_search_exa) via the research-synthesis skill to fetch and analyze public web/arXiv content before making workflow changes, so untrusted third-party pages could influence decisions or tool invocation.