multi-agent-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and implementation examples (SKILL.md and references/frameworks.md) explicitly define researcher/agent nodes that call perform_research and create_agent with tools like [search, browse, read], so agents are expected to fetch and interpret open-web content (public searches/pages) whose untrusted instructions could change routing and decision-making.