best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 "Industry Research" explicitly requires using agent-browser / WebSearch / WebFetch to search and read full web pages (see SKILL.md "Tool selection cascade" and the "Untrusted content rule"), so the agent will fetch and interpret untrusted public web content as mandatory input to its debate and gap-report workflow.