wds-2-trigger-mapping

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly instructs the agent to perform open WebSearch and domain research (including "user reviews" and "industry insights") as part of Layer 3 in steps-c/step-01-overview.md ("For EACH step ... Execute Layer 3: Domain Research
• WebSearch relevant to current step"), so the agent will fetch and interpret untrusted, user-generated third-party content that can influence generation and decisions.