specification-architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill's Phase 0 "Verifiable Research" (SKILL.md) and the plugin.json description explicitly require using WebSearch and WebFetch to find, browse, and ingest arbitrary browsed URLs as evidence for claims, meaning the agent will read and interpret untrusted public third‑party content during its workflow.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly mandates runtime WebFetch of browsed URLs to verify claims and inject their content into prompts/citations (e.g., https://nodejs.org/en/docs/guides/blocking-vs-non-blocking/ is listed as a browsed source), so external pages fetched at runtime directly control the agent's prompt content and are a required dependency.