pua-debugging-en

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). SKILL.md explicitly commands the agent to "proactively search," "search the web," and "read the raw material" using its search/file-reading tools, meaning it will fetch and ingest untrusted public web content and use that content to guide actions and decisions.