spec-driven-dev

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's spec-plan workflow explicitly instructs the agent to "Research technical approaches ... use available tools (web search, documentation) to inform decisions" (references/spec-plan.md, step 4), which requires fetching and interpreting open/public web documentation whose untrusted content could materially influence design and subsequent actions.