context-engineering

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples and retrieval patterns (e.g., the "search_web"/web_search example in Tool Outputs and the "Retrieved Documents (Knowledge Layer)" / RAG retrieval guidance) explicitly show fetching web search results, document loads, snippets and URLs from public sources, which would ingest untrusted third-party content into the agent's context.