policy-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md requires using WebSearch/WebFetch to crawl and fetch content from public third‑party websites (e.g., https://www8.cao.go.jp/cstp/, https://www.mext.go.jp/, https://www.meti.go.jp/) and to read/interpret those pages to produce policy analyses and recommended actions, so untrusted third‑party web content can materially influence the agent's decisions.