planning-prompts

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's research templates (reference/meta-prompts.md) explicitly instruct the agent to use WebFetch/WebSearch and list "sources" (exact URLs and search queries) to gather information from the open web, so the agent will fetch and ingest public third‑party content (web pages/search results) that could contain untrusted user-generated material and enable indirect prompt injection.