design-consultation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Phase 2 research flow explicitly uses WebSearch and a browse binary ($B goto "https://example-site.com", screenshots/snapshots) to fetch and analyze arbitrary public websites, and those third‑party pages are read and synthesized into the Phase 3 design proposal, so untrusted web content can materially influence decisions and tool actions.