contractor-agreement-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests and analyzes user-provided contracts ("File uploaded → default to ADVISE") and instructs the agent to "scan document against playbook criteria," so it will read arbitrary, untrusted user-generated content that could carry indirect prompt-injection payloads.