stitch-ideate

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly uses WebSearch and WebFetch on public sites (see "Research Engine" and "Phase 2.5: Design Research (automatic)" — e.g., WebFetch of competitor marketing sites, Dribbble/Behance, Coolors) and requires the agent to synthesize those untrusted, user-generated or public-web findings into design directions and PRD decisions, which can materially change subsequent tool actions (generation/auto-continue); this meets all flagging criteria.