screening

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Step 2: Execute Searches" explicitly requires searching public third‑party databases (e.g., OpenSanctions, Wikidata, OFAC, Interpol) and "Document all matches" and "Step 3: False Positive Assessment" requires the agent to read/interpret those matches to decide CLEAR/ESCALATE, so untrusted public content can directly influence decisions and actions.