best-practices

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill requires mandatory live research using find-docs and WebSearch ("Phase 1: Research", "Parallel Research" in SKILL.md) and explicitly fetches user-provided URLs, so the agent ingests open/public third-party web content that it must read and synthesize into recommendations, allowing untrusted content to influence actions.