multi-agent-client-onboarding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's required workflow explicitly instructs the Commander and specialist agents to use WebSearch and given URLs to crawl and ingest public websites, job posts, docs, and tools like BuiltWith/StackShare (see "Phase 0: Intelligence Gathering", each Agent's "What to Search For", and the Execution Instructions), meaning it consumes untrusted third‑party web content that will directly inform decisions and actions.