workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation and examples (notably the DurableAgent patterns and SKILL.md examples) show agent tools that call webSearch/fetch and handle external webhook Requests (e.g., searchWeb → webSearch(query), fetch to external APIs, resumeWebhook with external URLs), which clearly ingest untrusted public web/webhook content that the agent is expected to read and use to drive decisions.