skillcraft

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This SKILL.md explicitly instructs agents to use web_search/web_fetch/browser to fetch public web pages and news (see "Stage 2: Phase 2: Script fetches external data" and the "Parallel Research Aggregator" example in patterns/composable-examples.md), and then to read and synthesize that untrusted third‑party content to make decisions and trigger actions, which could enable indirect prompt injection.