help

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly names external research agents and MCP servers that fetch public content (e.g., "oracle agent" for external research and the "MCP Servers" list including firecrawl (Web scraping), github-search, and perplexity) and maps those agents into workflows (e.g., "Research docs | oracle agent, nia-docs, perplexity"), indicating the agent will read and act on untrusted public web content as part of its workflow.