parallel-dev-cycle

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the RA agent to fetch and "Use these documents as the primary source of truth" for reference URLs listed in .workflow/.cycle/prep-package.json (phases/01-session-init.md and the spawnRAAgent prompt in phases/02-agent-execution.md), so the agent will read and act on arbitrary external URLs which can materially influence planning and tool actions.