crewai

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's recommended agent config (config/agents.yaml) lists tools like "SerperDevTool" and "WebsiteSearchTool" and the research_task explicitly requires finding information and "cite sources", indicating the agents will fetch and ingest open/public web content (third-party sites) which will be read and used to drive downstream tasks like writing, enabling indirect prompt injection.