bmad-create-story

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The workflow's Step 4 "Web research for latest technical specifics" (and related "UTILIZE SUBPROCESSES AND SUBAGENTS" guidance) explicitly instructs the agent to research external web sources (API docs, library versions, security patches) and incorporate those findings into story requirements and tooling decisions, meaning untrusted third‑party content from the open web could be read and materially influence actions.