diligence-issue-extraction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's workflow explicitly allows and instructs the agent to "search the web — results will be tagged '[web search — verify]'" (see the "No silent supplement" / source attribution sections in SKILL.md), so the agent may fetch and interpret untrusted public web content that can influence findings and follow-up actions.