multi-ai-consultant

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly runs /consult-gemini which invokes the Gemini CLI with Google Search and grounding (see commands-reference.md and templates/GEMINI.md) and ingests public web search results/URLs (e.g., the Cloudflare docs link in the sample), so the agent will read and act on untrusted, third‑party web content.