proactive-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to perform web searches and read public resources (e.g., "Blockers Research" / Self-Healing: "Web search for solutions", "Check GitHub issues, forums") and AGENTS.md ("Search the web"), which means it will fetch and interpret untrusted third‑party content from the open web as part of its workflow.