Context Engineering Framework

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The spec explicitly instructs the agent to fetch and crawl arbitrary URLs and discover new related URLs (see tool_definitions: web_content_fetcher and url_discovery_engine; autonomous_workflow "コンテンツ取得" and "新規ソース発見"; and crawling_config/example_usage using target site URLs), which exposes it to untrusted public web content that could carry indirect prompt injections.