web-search

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). SKILL.md explicitly instructs the agent to perform web searches and "Always cite your sources with URLs" and to synthesize results from public web sources, meaning the agent will fetch and interpret open/public third‑party content (webpages, blogs, forums) as part of its workflow, which can materially influence its outputs and enable indirect prompt injection.