bmad-bmm
Warn
Audited by Snyk on Mar 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The workflow files explicitly require live web searches and ingestion of public sources: assets/source/bmm/workflows/1-analysis/research/domain-steps/step-01-init.md and step-02-domain-analysis.md state "Web search is required", instruct the agent to "Search the web", and use subprocesses/subagents to fetch current public sources. The agent will therefore fetch and interpret untrusted third-party content that can materially influence its actions.
Audit Metadata