external-context

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs web searches and ingestion of public third‑party pages (see the Preferred path prompt file "Search the web for external documentation..." and the Fallback Task calls that tell subagents to "Use WebSearch and WebFetch" and "Cite all sources with URLs"), so untrusted web content is fetched and synthesized into agent decisions.