planning-with-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core workflow and templates (e.g., planning-with-files.mdc and reference.md, plus templates/findings.md and examples.md) explicitly require performing "view/browser/search" or "WebSearch" operations and instruct the agent to read and act on those web/browser results (write findings, update plan, make decisions), which means it will fetch and interpret untrusted public web content that can influence subsequent tool use and actions.