spec-kitty-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required research/task workflows (see templates/tasks-template.md and templates/tasks.md) explicitly instruct agents to search public databases (e.g., IEEE, PubMed, arXiv) and record arbitrary URLs into source-register.csv/evidence-log.csv, meaning the agent will fetch/read untrusted third‑party web content that can change planning, decisions, and subsequent tool actions.