finance-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The SKILL.md workflow and README explicitly instruct the agent to "Research Market Rates" via web search (Step 3 of the Codebase Cost Estimator / "Search for CURRENT year market rates"), meaning the agent is expected to fetch and interpret open/public web content (untrusted, user-generated or third‑party market pages) which will materially affect the cost estimates.