agent-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's examples and required workflow explicitly show agents calling retrieval functions (e.g., search_web in SKILL.md and retrieve_documents/retrieve_context in references/evaluation.md and references/agent-patterns.md) and processing "retrieved docs, web pages" (explicitly mentioned) as part of response generation and evaluation, which means untrusted third‑party content can be ingested and materially influence tool choices and outputs.