gts-library-workflows

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow index explicitly calls out "compare-preprod-header.md: Compare library Header component against pre-prod retailer header with agent-browser (auth + checklist)", which requires the agent to browse and read a third-party retailer page (untrusted/public content) as part of its workflow, creating a vector for indirect prompt injection.