qbr-facilitator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Executive Preparation and Research guidance explicitly instructs reviewing and incorporating public third-party content (e.g., press releases, LinkedIn profiles, recent posts/articles) as part of pre-QBR research, meaning the agent is expected to ingest untrusted web/user-generated content and could be exposed to indirect prompt injection.