agent-exploration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The explorer subagent and dispatch rules explicitly allow WebFetch/WebSearch for slices that include URLs (see assets/explorer-agent.md and references/dispatch-rules.md), so the skill can fetch and read arbitrary public web pages/URLs which are untrusted third-party content and can influence analysis and subsequent actions.