web-fetch

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests content from user-provided URLs and WebSearch results (e.g., public websites, blogs like dev.to, arXiv PDFs, and other third‑party pages) and then reads and analyzes that content as part of its workflow, which exposes the agent to untrusted third‑party input that could enable indirect prompt injection.