pre-ship-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's Phase 3 "Domain Correctness" requirement (Template A step 8 and the Judgment Checks Reference) explicitly instructs reviewers to "cross-reference cited sources" and "verify against the cited source," which requires fetching/reading external/public third-party content (papers/web pages) and using that content to decide whether constants/formulas are correct, thus exposing the agent to untrusted third‑party content that can influence decisions.