spec-driven-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's spec-plan instructions (references/spec-plan.md) explicitly direct the agent to "Research technical approaches ... use available tools (web search, documentation)" so the agent may fetch and interpret open/public web content (documentation, search results) as part of its workflow, which could materially influence design/implementation decisions and enable indirect prompt injection.