google-agents-cli

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly includes a SearchTool ("Adding Tools to an Agent" -> SearchTool) that "Search the web for information" and returns web search results for the agent to consume, meaning the agent fetches and interprets untrusted public web content which can materially influence its actions.