go-mode

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow explicitly lists and authorizes using web_search and web_fetch (and even the "bird" CLI/Twitter) as part of PLAN/EXECUTE and marks "reading files, searching the web" as auto-proceed actions, so the agent will fetch and interpret open/public third‑party web and social content during execution — exposing it to potential indirect prompt injection.