Acp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's protocol explicitly supports and instructs agents to accept and act on external resources (see "Content Types" -> resource_link and the workflow/decision guidance that says "Fetching external data — Auto-execute" and to "connect to specified MCP servers"), which means the agent is expected to fetch and interpret arbitrary external third‑party resources that could contain untrusted/user-generated content.