investigate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 5 "PROVE" and the Tool Usage table explicitly require using WebSearch and GitHub (e.g., "Use WebSearch for known issues" and "mcp__github__search_issues") to read public web pages and issues, which are untrusted, user-generated third‑party content that the agent must interpret and that can materially influence investigation decisions.