subagent-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly enables subagents that use WebFetch/WebSearch (see "Valid Tool Names" and the "Research Specialist" pattern), which would allow those subagents to fetch and read untrusted public web content and user-generated sources for research, creating a clear vector for indirect prompt injection.