opencode-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly exposes a "webfetch" built-in tool ("Built-in Tools" section) that fetches and reads web pages from the open web, so the agent can ingest untrusted public/user-generated content as part of its workflow.