enrich-excel

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 3 instructs the agent to run tinyfish search and explicitly to tinyfish fetch content get "https://some-result-url.com" and to extract data from search snippets and full page content, which are arbitrary public web pages (untrusted third-party content) that the agent must read and use to decide what to write into the Excel sheet.