learn

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Survey step (Step 1) explicitly instructs using "WebSearch" and "WebFetch" (e.g., "WebSearch for overviews, WebFetch for definitions" in the territory/table) to read public web docs and pages as part of its required workflow, so it will ingest untrusted third‑party content that can influence subsequent hypotheses, probes, and actions.