cc10x-router

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly creates web-researcher and github-researcher tasks that fetch and persist web/GitHub content using backends like brightdata/websearch/webfetch/octocode and then inject those "Research Files" into agent prompts and workflow artifacts (see the "Research tasks" and "Research Orchestration" sections), meaning untrusted third‑party/user-generated content is read and can materially influence planning, building, and tool decisions.