create-adr-spike

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Phase 1 Research workflow explicitly instructs the agent to use external web tools ("WebSearch" and "WebFetch") to fetch and extract content from public web pages and community discussions (see "Phase 1: Research (Discovery)" step 3 and the "External Research (New Information)" section), so untrusted third-party content will be ingested and used to influence ADR decisions.