Algorithm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill exposes the agent to untrusted third‑party content because the capabilities registry and workflows reference web research and browsing (Data/Capabilities.yaml lists research.perplexity/claude with "use_when: 'Web research, current events, citations needed'" and verification.browser / Browser skill for visual/web verification), which implies fetching and interpreting open web content as part of the workflow.