code-task-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires supporting URL input ("You MUST support input as: direct text, file path, directory path (looks for plan.md), or URL") and then parses/analyzes PDD/plan content to generate tasks and PROMPT.md for autonomous execution, so arbitrary third-party pages can be read and materially influence tool decisions.