optise-helix-eu-trust-centre

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to fetch and audit a user-provided published Trust Centre URL (Section 4 Step 0: "Audit existing — user has a published Trust Centre URL") and the Operating Principles state "Web search and web fetch ARE available" and require auto-verifying URLs via web_fetch, so the agent will read and act on content from arbitrary public web pages which are untrusted and can materially influence subsequent tool actions.