manim-composer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow (SKILL.md, Phase 1: "Research the topic ... Use web search to understand the core concepts") explicitly instructs the agent to fetch and use web/search content from public sources, which the agent will read and incorporate into planning and decisions, creating a clear vector for indirect prompt injection.