stress-test

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill's Phase 2 "Verify via Search" explicitly instructs launching sub-agents that use WebSearch/WebFetch to fetch and read public docs, issues, and websites, and those untrusted public findings are then used to drive verification, POC selection, and plan changes, which could allow indirect prompt injection.