skill-perfection

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly instructs the agent to perform web research and verify external links (see "Research Strategy" and "Phase 3: Verify URLs you added/modified (WebFetch)") and the bundled preflight.py even performs HTTP checks via httpx (check_urls), meaning the agent will fetch and read public third‑party content (docs, GitHub, registries or arbitrary URLs) as part of its workflow, exposing it to untrusted user-generated content and potential indirect prompt injection.