haul

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's required workflow (INTAKE → SEARCH → MATCH → DOWNLOAD → VERIFY → CURATE in SKILL.md and detailed in references/source-strategies.md and references/license-compliance.md) explicitly fetches and ingests content from public third‑party sources (e.g., Google CSE / Bing / SerpAPI image search, marketplace pages and APIs, manufacturer/brand sites, robots.txt/ai.txt/ToS snapshots) and uses that untrusted, user-generated or external content to compute match scores, license classifications, and next actions, so it clearly exposes the agent to indirect prompt-injection risk.