legal-diligence

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and continuously scans third-party documents—"the counterparty's marked-up NDA" and documents uploaded to the VDR (SKILL.md /redline-nda and AI-Assisted Workflow sections)—and uses that untrusted content to generate redlines, risk registers, and drive actions, creating a clear avenue for indirect prompt injection.