agent-types

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly lists agent types that perform WebFetch/WebSearch (e.g., the "claude-code-guide" entry lists "Tools: Read-only + WebFetch + WebSearch" and research agents like "adr:adr-researcher" state "web search"), indicating the agent will fetch and read public web content which could include untrusted, user-generated material and thus influence agent decisions.