gemini

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory consultation prompts and script explicitly allow and instruct the Gemini agent to "use web/documentation search tools" and to include external source URLs (see build_ask_prompt/quality_gates in scripts/gemini-consult.sh and the SKILL.md "Hard constraints" and Evidence-First rules), which means the agent will fetch and interpret open/public third-party web content that can influence its decisions and actions.