content-brief

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md explicitly instructs the agent to "Google the target keyword. Read the top 10 results" (Step 1), meaning it fetches and ingests open/public third‑party webpages and uses their content to drive briefing decisions, so untrusted external content can influence subsequent actions.