planning-with-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (SKILL.md: the "2-Action Rule", "Read Before Decide", and decision matrix) and the examples/references (references/examples.md shows "WebSearch 'morning exercise benefits'" and "Browser returned data → Write to file") explicitly direct the agent to perform web searches and read browser-returned/public web content, which are untrusted third‑party sources that the agent is expected to interpret and use to drive subsequent actions.