team-frontend

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The analyst role (role-specs/analyst.md, Phase 3 Step 4) explicitly calls WebSearch(...) to retrieve competitive references from the public web and incorporates those results into design-intelligence.json which downstream architect/developer phases rely on, thereby exposing the agent to untrusted third-party content that can materially change behavior.