gsd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's research and planning agents (e.g., gsd-phase-researcher, gsd-project-researcher, gsd-planner and gsd-debugger) explicitly list WebFetch/WebSearch and mcp__context7__* as tools and describe using WebSearch/Context7 to pull public docs, blog posts and other web content to synthesize DISCOVERY.md/RESEARCH outputs, so the agent will read and interpret untrusted third‑party web content as part of its workflow.