squads

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL explicitly declares web search/fetch tools as part of required agent toolsets (see "Creation Rules (v4) item 5: use portable semantic tool names" and "Portable Tool Names" in SKILL.md) and the adapters (e.g., adapters/claude-code.md) map those to runtime web_search/web_fetch primitives, so agents are expected to fetch and interpret open web content (untrusted/public pages) which can materially influence subsequent tool use and decisions, enabling indirect prompt injection.