ai-choosing-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow and templates (SKILL.md, examples.md, and reference.md) explicitly instruct using ReAct/RAG agents and tools like search_web, fetch_page, retriever, and news/web search to fetch and ingest public web pages, news, and search results — untrusted third-party content that the agent reads and uses to decide tool calls and next actions.