task-decomposer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill instructs the agent to search and fetch content from the public skills ecosystem (https://skills.sh via "npx skills find"/browsing) and the open web (web_search/browser_automation, downloading PDFs and scraping pages), which are untrusted third‑party/user‑generated sources the agent is expected to read and interpret as part of its workflow.