enrich

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md's mandatory workflow and "Knowledge Source Assessment" / "Real-Time Data" sections explicitly require adding external knowledge sources (e.g., "External data: APIs, web" and "Identify APIs: external services") and instruct retrieving and injecting that third‑party content into prompts, which exposes the agent to untrusted public web/API content that can influence actions.