ce-plan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly runs external research agents (e.g., Phase 1.3 "ce-framework-docs-researcher" and "ce-best-practices-researcher"), performs web searches per references/universal-planning.md, and ingests "External References" URLs — public third-party content the agent reads and uses to make technical decisions and change plan actions.