ai-patterns-tool-use-patterns

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's instructions and examples (e.g., PHASE_TOOLS in examples/advanced.md and the security patterns in SKILL.md/agent/security.ts) explicitly include tools like "search_web" and "fetch_url" and discuss validating/allowlisting URL arguments, indicating the agent will fetch and ingest content from arbitrary public web pages/URLs (untrusted third‑party content) that the model will read and act on.