best-practices-researcher

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires live web searches and instructs the agent to fetch and weigh public, user-generated sources (e.g., "Search: ... site:reddit.com", "site:news.ycombinator.com", GitHub, community blogs) as part of its decision and grounding workflows, meaning untrusted third‑party content will be ingested and can influence tool use and recommendations.