skill-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Research Best Practices" step explicitly instructs using the Gemini CLI to perform web-grounded searches (e.g., gemini "[technology] [feature] best practices 2026"), which pulls content from open/public websites that the agent will read and interpret, exposing it to untrusted third-party content and potential indirect prompt injection.