taskmaster

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's workflow explicitly instructs the agent to fetch "external data (APIs, web pages, docs)" and "write raw results to .codex-tasks//raw/ first" (see "Cache before process" / Context Protection in SKILL.md), which means the agent will read and act on untrusted third‑party web/API content that can influence its actions.