tw-edu-pbl-designer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly enables WebSearch in the MCP connector and MCP integration sections (e.g., "WebSearch（自動啟用）" / "WebSearch（已啟用）：搜尋最新課綱資料、教學素材、時事情境"), meaning the agent will fetch and consume public web content (untrusted/user-generated) as part of its workflow and that content can influence generated PBL design decisions.