project-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's /explore-idea command (Phase 2: Research & Validation in commands/explore-idea.md and Research Tool Usage) explicitly instructs the agent to run WebSearch and use an Explore subagent to fetch and read open web sources (GitHub examples, articles, official docs), and those findings are used to create PROJECT_BRIEF.md and drive planning decisions, exposing the agent to untrusted third‑party content that can influence subsequent actions.