external-context

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Step 2 Task invocation explicitly instructs spawned document-specialist agents to "Use WebSearch and WebFetch" to retrieve content from official docs, GitHub, blogs, etc., so the agent will fetch and interpret untrusted third-party web content (URLs) that can influence its outputs.