diagnose

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to perform WebSearch and ingest public web content (see agents/external-check-agent.md: "You MUST use WebSearch for every factor" and the SKILL.md Data Gathering Pause which directs using WebSearch for public evidence), and those third-party search results are merged into the analysis and can change routing, hypotheses, and next actions.