plan-to-tasks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and processes user-provided project plans/markdown (the "User provides a project plan/spec" and "Converting markdown plans to JSONL format" statements), which are untrusted third-party/user-generated content that the agent must read and interpret as part of its workflow.