swarm-advanced

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly spawns a "Web Researcher" with capabilities like "web-search" and "content-extraction" and runs Phase 1 tasks such as "web-search" and "academic-search" (and references public GitHub URLs), which means it fetches and ingests open/public third‑party content that could be untrusted and enable indirect prompt injection.