planning-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to "Have Claude Code search the web and update them to latest versions" and includes public GitHub example links, meaning the agent will fetch and read open/public third‑party web content (untrusted/user‑generated) as part of its workflow.