bmad-create-architecture

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The workflow explicitly instructs the agent to "Search the web" and verify current versions (e.g., steps/step-03-starter.md and step-04-decisions.md state "Search the web to verify current versions" and include web search queries), meaning the agent will fetch and read open/public web pages whose user-generated/untrusted content can directly influence starter selection, versioning, and architectural decisions.