name-checker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's SKILL.md and agent files (e.g., agents/social-checker.md, agents/registry-checker.md, agents/domain-checker.md, agents/trademark-checker.md) explicitly require WebSearch/WebFetch of public social media, package registries, domain sites, and trademark databases and the synthesizer/early-exit logic reads and acts on those untrusted third-party results (e.g., immediate "Abandon" if an exact social handle is found), so public/user-generated content can directly influence decisions and tool use.