generate-prd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The Phase 2 "issue-context-gatherer" explicitly directs the agent to load trackers (e.g., Linear or GitHub) and run searches like "gh search issues ...", reading issue titles/bodies and related discussion (user-generated, potentially public) to inform the PRD, so third-party content is fetched and used to influence decisions.