spec-explore

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow's Step 4 explicitly requires exploring external resources ("探索外部代码库（如 AgentScope、第三方库）或技术文档"), meaning the agent will fetch/read third-party public documentation/libraries and use those findings to influence exploration-report.md and downstream decisions, which creates a clear avenue for untrusted content to inject instructions.