architecture-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires "WebSearch top 3" research, mandates citing web evidence/URLs for every claim, and instructs the agent to ingest and use that public web evidence to drive recommendations and confidence percentages, which exposes the agent to untrusted third‑party content (public websites) that can influence actions.