agent-creator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly performs WebSearch/WebFetch/Exa calls against public sites (see docs/research-and-skills-gap.md Step 2.5 and docs/occupational-alignment.md Step 2.3 which instruct WebFetch of BLS/Ongig/MyMajors and arbitrary URLs) and requires the agent to read and incorporate that external content into agent design, routing keywords, and subsequent tooling/actions, so it clearly ingests untrusted third‑party content that can influence behavior despite the listed security scans.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.90). The skill's mandatory occupational-alignment Research Gate invokes WebFetch at runtime to retrieve and incorporate external content (e.g., https://www.bls.gov/ooh/a-z-index.htm) which directly feeds the agent's prompt/context and is required by the creation workflow, creating a runtime external dependency that can control instructions.