team-composition-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Research Team preset explicitly grants researchers "WebSearch, WebFetch" (see references/preset-teams.md and SKILL.md "Capabilities: ... web search (WebSearch, WebFetch)"), meaning agents will fetch and read open web pages/URLs as part of their workflow, exposing them to untrusted third‑party content that could carry indirect prompt injection.