intlayer-config

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md explicitly describes a "fetch" importMode and liveSync/cmsURL/backendURL settings — e.g., "Fetch mode will use the live sync API to fetch the dictionaries" — meaning the agent can fetch remote CMS/dictionary content (user-provided/untrusted) and pass it into AI/contextual workflows (auto-fill/transforms), so third-party content can materially influence tool behavior.