external-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow (SKILL.md) instructs using /external-scout to fetch current documentation from external sources (e.g., "Context7" and official package docs) into .tmp/external-context and explicitly directs the agent to read and apply those files to drive implementation, so untrusted public docs could influence agent actions.