ppt-agent-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's core workflow explicitly instructs the agent to perform fresh fact-finding from external sources (SKILL.md "Decide whether fact-finding is needed", "Source-driven request", and "Gather or organize context") and the integration/method docs even list "web search, browser, webpage fetch" (references/method.md) and the Research Brief prompt requires returning source links, meaning the agent will fetch and read untrusted public web content that can materially influence subsequent outlining and generation.