implementation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's required workflow tells the agent to "Implement following project patterns (see references/)" and those referenced files (references/mcp-usage.md and references/async-parallel-operations.md) include explicit, actionable examples of using MCP/browser/web-search and mcp_call to fetch GitHub, npm, and web docs (public third‑party sources) that the agent would read and use to drive decisions, so it clearly ingests untrusted public content that can influence subsequent actions.