magi

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md teammate checklist explicitly requires teammates to "Search online" (Explore in Parallel / Teammate Checklist step 3 and the explore step "read project, search online"), which instructs the agents to fetch and interpret open/public web content and use those findings to generate and prioritize proposals that drive decisions—exposing the system to untrusted third-party content that could inject instructions.