project-agent-factory

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's Step 2 ("공식 문서 + GitHub/인터넷 사례 검증") plus references/multi-agent-case-sources.md explicitly require fetching and inspecting public web and GitHub URLs (source_review.tsv, source_probe.tsv, source_evidence/*.md) and using those findings as required input to generate agent_plan.tsv and apply configuration, so untrusted third‑party content can directly influence agent decisions and actions.