gsd-orchestration

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly permits subagents (e.g., the Researcher and agent-architect flows) to use WebSearch/WebFetch, RAG/ChromaDB, and domain skills like "find-dataset" to fetch and ingest content from public web sources (see references/ARCHITECT-INTEGRATION.md and references/DOMAIN-INTEGRATION.md), so the agent will read and interpret untrusted third-party content as part of its workflow.