agently-task-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md explicitly instructs the agent to use built-in Search/Browse (see "Step 4: Tools" and the multi-stage "Search → Browse → summarize" workflow) to fetch and summarize public web pages/URLs and to act on those results, meaning the agent will read untrusted third‑party web content that can influence tool calls and next actions.