build

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow repeatedly instructs the agent to perform "web search" and "Deep research" (e.g., "Step 5: Conduct Deep Research" in the research subcommand and similar steps in implementation/phase and the "Deep Research Expectations"), which requires ingesting open/public web content that is untrusted/user-generated and can materially influence planning and automated decisions.