proactive-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly instructs the agent to fetch and "research root cause (docs, GitHub issues, forums)" and to "search all sources" when recovering context (see the Self‑Healing / Relentless Resourcefulness / Compaction Recovery sections), which requires ingesting public/untrusted web content (GitHub, forums, websites) that the agent will read and use to guide fixes or actions.