roadmap
Warn
Audited by Snyk on Mar 20, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The SKILL.md Inputs/Workflow explicitly say the skill will "analyze" a competitor given as a URL or product name (Inputs table: "Competitor to clone/improve | URL or product name — skill analyses it"), which implies fetching/ingesting arbitrary public web content that the agent will read and use to drive roadmap decisions and subsequent actions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).
Audit Metadata