trellis-meta

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Research Agent explicitly lists "web search, chrome-devtools" as allowed tools (references/claude-code/agents.md
• Research Agent) and is invoked in the documented workflows to find patterns and inform task setup, so it can fetch untrusted public web content which the system then uses to influence agent decisions and subsequent actions.