workflows-plan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill conditionally runs external research agents (Step 1.5b: best-practices-researcher and framework-docs-researcher) and instructs the agent to note and incorporate external documentation URLs/best practices into the plan, which exposes it to open/public third‑party content the agent will read and interpret.