validating-plans

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's environment-verifier agent explicitly checks "Package existence in registries" and "API signatures and exports" (see SKILL.md Phase 2 / references/agent-guide.md), which implies fetching and interpreting information from public package registries and external API docs—untrusted third‑party sources that can influence validation decisions and downstream actions.