deck-design-ppt

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's operational playbook (SKILL.md Phase 1 — "Analyze the brief") explicitly instructs the agent to "research what the brief references — web search for market data, benchmarks, competitors" and to accept/replace external image URLs (e.g., product frame / avatar image URL), which requires fetching and interpreting open/public third‑party content that can materially steer routing and build decisions.