claude-agent-sdk

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests public third‑party content — e.g., scripts/check_drift.py (drift-detection.md) fetches and hashes source URLs like docs.claude.com, github.com, and others, and the examples/Agentic Search patterns (examples.md and SKILL.md) include web_search/fetch_url/read_url tools that instruct the agent to read and act on arbitrary external webpages, so untrusted web content can materially influence tool selection and subsequent actions.