brainstorm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly instructs using a WebSearch to find external references (see "Tools" table and Phase 4 — Reference in SKILL.md and references/QUESTIONING-GUIDE.md), meaning the agent may fetch and incorporate untrusted public web content into prompts or decisions, creating a route for indirect prompt injection.