bmad-product-brief-preview

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly launches a "Web Researcher" subagent (agents/web-researcher.md) during Stage 2 contextual discovery (prompts/contextual-discovery.md) to perform targeted web searches and synthesize open/public web content into the brief-drafting workflow, thereby ingesting untrusted third-party content that can materially influence decisions and subsequent actions.