skill-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and verify every URL found in the reference files (see references/checks-references.md "use WebFetch to attempt retrieval", SKILL.md Review Process step 3, and README.md), meaning it will ingest arbitrary public URLs whose content can influence check results and agent decisions.