project-referee

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to "Use WebSearch to find recent publications" in Step 3 (Proactively search for missing citations), which requires fetching and interpreting open/public web content that may include untrusted third-party material.