foundry-spec

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly supports "research" nodes that include "deep-research" / "Multi-phase web research" and states "External web research with source synthesis" (see references/task-hierarchy.md and related Research Nodes sections), which means the agent will fetch and interpret untrusted public web content as part of its workflow and that content can influence task decisions and blocking behavior.