plan-mode

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly requires using Context7 and, if insufficient, "general web search" to verify external technical facts (see SKILL.md "Apply Research Rules" and references/research-policy.md and the README's Context7 dependency), meaning the agent will fetch and interpret public third‑party web content that can materially influence planning decisions.