planning-with-files

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow (see .agent/skills/planning-with-files/references/findings.md and task_plan.md) explicitly mandates performing "view/browser/search" operations and updating the "Research Findings" under the 2-Action Rule, which means the agent will fetch and read open web/public content that can influence technical decisions and next actions.