workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's review flow explicitly instructs using web search when available ("IF WebSearch/web capabilities available: Search in parallel..." in references/actions/review.md) and to synthesize those public web results into a language-specific overlay that influences production-mode reviews, which means it can fetch and act on untrusted third-party web content during normal workflow.