docs-codebase

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's SKILL.md "Fact-Checking" step explicitly instructs the agent to "Use web search/web fetch to verify current external facts, versions, pricing, deadlines, regulations, or platform behavior" (i.e., fetch and interpret public web sources), so untrusted third‑party content could be ingested and materially influence actions.