brainstorm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to use WebSearch for cross-project topics ("Cross-project topics... use WebSearch to research the domain") and to run gh issue list when available, meaning it may fetch and silently ingest public web or GitHub content and use those findings to drive clarifying questions, design choices, and downstream actions.