doc-briefing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests arbitrary web pages via "If URL → fetch with WebFetch" in the Processing Workflow (and "Summarize a URL/webpage into a briefing" in When to Use), meaning the agent will read untrusted public web content and use it to drive summaries/analysis that can alter its outputs or follow-up actions.