workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The Article Evaluation workflow explicitly fetches and processes arbitrary URLs from the open web (references/article-evaluation-pipeline.md — Phase 1: FETCH: "For URLs: Use WebFetch or curl to retrieve content" and the example "Evaluate this article https://example.com/..."), so the agent will ingest untrusted third-party, user-generated web content and act on it (classification, validation, and remediation), enabling indirect prompt-injection risk.