edge-candidate-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The auto-detection workflow explicitly accepts and runs an external LLM/CLI via --llm-ideas-cmd (see auto_detect_candidates.py generate_llm_hints and references/ideation_loop.md), parses its untrusted YAML/JSON output as "hints", and applies those hints (hint_boost/matched_hints) which materially change scoring and exported candidate decisions.