best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md Phase 1 "Industry Research" Web tool cascade (agent-browser / WebSearch / WebFetch) explicitly requires fetching and reading external public web pages (blogs, community posts, RFCs, official docs) as untrusted input that the agent must interpret to produce the audit, so third‑party content can influence analysis and actions.