planning-setup

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow and enforcement rules explicitly require performing browser/navigation and web searches and saving those findings (see templates/rules-enforcement.md and usage-guide.md referencing "Browser automation (mcp__claude-in-chrome__)", "WebSearch", and "WebFetch"), so the agent will fetch and read untrusted public web content as part of its normal operation.