style-guide-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs the agent to "Use web_fetch" and to "Fetch the website using web_fetch" (see the Workflow Decision Tree "Gather Information" and the "From URLs/Websites" section), meaning it ingests and analyzes arbitrary public website content that can directly influence extraction, decisions, and generated outputs.