ui-ux-pro-max

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow (Step 2 "Search Relevant Domains") instructs using .codex/scripts/search.py to run repeated searches and "synthesize all search results and implement the design", which clearly requires fetching and reading open/public third‑party web content as part of the agent's decision-making, exposing it to untrusted user-generated or public pages that could contain indirect prompt injections.