agent-tool-builder

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly includes tool examples that fetch and ingest open web content (e.g., the Python "search_web" beta_tool example and MCP/tool-runner snippets that call external APIs like weather_api.fetch and fetchWeather), showing the agent is expected to read and act on untrusted public web/search results as part of its tool workflow.