sparc-methodology

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's SKILL.md (see "Analysis and Research Modes" → researcher) explicitly states it performs "parallel WebSearch/WebFetch" and uses web sources (e.g., "sources": ["academic","industry","news"]) as part of required workflows, so the agent will fetch and interpret open/public third-party content that could carry indirect prompt-injection instructions.