flow-next-opencode-plan

Warn

Audited by Snyk on Apr 7, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The workflow's Step 1 "Fast research" explicitly runs subagents like docs-scout and github-scout (cross-repo code search via gh CLI) and requires capturing "external docs links" and other external findings, meaning the agent will fetch and ingest content from public third‑party sites (e.g., external docs and GitHub) and use those findings to shape planning decisions.


Audit Metadata

Risk Level: MEDIUM
Analyzed: Apr 7, 2026, 09:07 AM
Issues: 1