doctor-strange

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires fetching and ingesting open web content — e.g., Step 2.5 Phase A ("run 5–8 parallel WebSearch calls" and "1–2 follow-up WebFetch calls") and the Universe subagent template ("You have full access to WebSearch" and "Search first, then write") — so untrusted public webpages are read and used to shape simulations and actions.