decide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow repeatedly and mandatorily invokes external web research (e.g., "Required capabilities: web search or web-researcher agent" and Task(subagent_type:"vibe-extras:web-researcher", ...)) and instructs launching agents via plugin:agent to fetch and interpret public web sources as core inputs to option discovery, research, elimination, and recommendations, so untrusted third-party content can directly influence tool use and next actions.