agentic-workflow-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to fetch and interpret external/public web content (e.g., assets/workspace-templates/instructions/integrations/external-references.instructions.md and references/agent-guide.md which show use of MCP tools like microsoft_docs_fetch/web/fetch and examples such as "Fetch https://example.com/docs" and "use #tool:agent to fetch and summarize the content of this URL"), so untrusted third‑party pages are ingested and can materially influence tool use and decisions.