debugging-with-tools

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires dispatching the internet-researcher to search public sites (e.g., "Check Stack Overflow", "Find GitHub issues", "Search for error: [exact error message]") so the agent ingests and acts on untrusted, user-generated web content from the open web, creating an indirect prompt-injection risk.