prompt-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's documentation explicitly instructs the agent to perform external searches and tool calls whose observations feed back into reasoning—e.g., references/react.md defines SEARCH[query] actions and observations, and references/prompt-chaining.md shows web_search/vector_search tool_call steps whose results are used to drive subsequent steps—so the agent will fetch and interpret untrusted third‑party content that can change its actions.