exam-ready

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests student-provided PDFs or pasted notes ("Student will provide: 1. A PDF file or pasted notes") and requires the agent to read and act on that untrusted, user-generated content to produce exam-focused outputs, which could allow indirect prompt injection to influence its behavior.