harness-engineering-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Market Research and related agents (agents/market-research.md and agents/frontend-designer.md) explicitly instruct the agent to search and ingest public web content (competitor sites, GitHub repos, reference apps/docs) as part of the required Phase 1 workflow, and that external content is used to inform stack/PRD/architecture decisions—meeting all criteria for exposure to untrusted third‑party content.