google-agents-cli-deploy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly directs readers/agents to fetch external public docs and samples (e.g., "For ADK docs on Cloud Run deployment, fetch https://adk.dev/deploy/cloud-run/index.md" and GitHub sample links), which are open third‑party sources the agent would be expected to read for deployment decisions and could therefore inject instructions that influence tool use.