agent-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow explicitly routes "research" tasks to a "scout" sub-agent that is instructed to perform API exploration and documentation analysis and "always cite sources" (see SKILL.md Task Flow, README "Scout (Research Phase)" and references/patterns.md "Research Specialist"), and those research findings are consumed by builders and used to drive implementation and actions, so untrusted public web/social content could materially influence agent decisions.