vendor-agreement-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to fetch and read DPAs referenced "at [URL]" and offers web searches ("search the web — results will be tagged [web search — verify]"), so it clearly ingests untrusted third-party content (vendor-hosted URLs/public web pages) and uses that content to drive contract analysis and routing decisions.