crew-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lists and recommends enabling web-facing tools (e.g., web_search, read_webpages_as_markdown, download_from_url) in the "Tool Management" flow and the references/available-tools.md tool list, which means the agent can fetch and read arbitrary public webpages whose content could influence its actions and thus enable indirect prompt injection.