self-learning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly uses web search and browsing tools (search_web, read_url_content, browser_subagent) to fetch and extract content from public URLs (official docs, GitHub, blogs and other web pages) and then reads/interprets that content to synthesize new skills, exposing the agent to untrusted third‑party web content that could carry indirect prompt injections.