scout-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's SKILL.md explicitly lists blocks that fetch and ingest open web content—e.g., "Web Page Scrape", "Web Search", "HTTP Request" and examples using an external "data_url"—and those scraped/search results are routed into LLM and control-flow blocks, so arbitrary public webpages can be read and materially influence workflow decisions and tool use.