creating-claude-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's "Comprehensive Agent" example (security-auditor) explicitly grants allowed-tools including WebSearch (and mentions WebFetch and external URLs like the GitHub schema and Claude docs), which indicates the agent at runtime may fetch and read arbitrary public web content (untrusted, user-generated or third‑party) as part of its workflow.