planning-with-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's workflow explicitly instructs the agent to perform web/browser/search operations and to capture/write findings from those results (see SKILL.md "2-Action Rule: After every 2 view/browser/search operations" and examples.md showing "WebSearch 'morning exercise benefits'"), meaning it will ingest untrusted public web content and use it to drive decisions and next actions.