investigate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly lists and uses WebSearch in its allowed-tools and Phase 2 ("External pattern search") where it instructs the agent to perform web searches for framework/error types and incorporate documented solutions from public web pages into hypotheses and follow-up actions, which means it fetches and reads untrusted third‑party content that can influence decisions.