llm-council

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests external LLM outputs from omega CLI wrappers (see SKILL.md Stage 1 Bash dispatch writing responses to tmp files like "$TMPDIR/gemini.txt") and then feeds those untrusted model-generated responses into other models during Stage 2 peer review and Stage 3 chairman synthesis (see SKILL.md "Anonymized Peer Review" and "Chairman Synthesis"), so those third-party outputs could carry indirect prompt-injection instructions that materially influence rankings and the chairman's final actions.