trellis-meta

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Agents Reference (references/claude-code/agents.md) explicitly gives the Research Agent tools including "web search, chrome-devtools" and the Plan agent workflow calls the Research Agent to inform task configuration, so the agent is expected to fetch and interpret untrusted/public web content which can materially influence downstream actions.