senior-prompt-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill includes explicit web-retrieval and RAG workflows (e.g., the "search_web" / web_search tool in references/agentic_system_design.md and the agent_orchestrator examples, plus the RAG evaluator which ingests retrieved contexts via contexts.json), so the agent is clearly expected to fetch and read untrusted public content (web/search results and retrieved contexts) as part of its runtime workflow.