hone

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires WebSearch/WebFetch as part of its Core Contract and CAPABILITIES_SUMMARY (e.g., "Always fetch official documentation before auditing" and "best_practice_fetch: WebSearch/WebFetch ... release notes, and community practices") and its references/web-sources.md lists community sources (T3: Reddit, developer blogs), so the agent will fetch and interpret open/public third‑party content that can materially influence audit decisions and proposals, creating a clear indirect prompt‑injection risk.