clj-discover

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md "Workflow: Java Interop" step explicitly instructs using WebSearch ("Search for wrapper" → Use WebSearch to find clojure wrapper for <library-name>), which fetches and requires the agent to read and act on open web content (untrusted/public) that can influence subsequent decisions and tool use.