sdlc-develop
Warn
Audited by Snyk on Apr 26, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.80). The skill can load and interpret arbitrary third-party web content. This happens explicitly in Phase 4.2's "VERIFY UI" workflow, which asks for a URL and uses Playwright to open and inspect webpages, and also via the Phase 2a-res "deep-research" skill invocation. As a result, untrusted public pages can be read and their content can influence quality-gate decisions.
Issues (1)
W011
MEDIUM: Third-party content exposure detected (indirect prompt injection risk).