prompt-refinement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's research template and process explicitly instruct the agent to consult external/open sources (e.g., "Scope: External (GitHub projects, documentation, blogs)" and the multi-agent "Discovery phase: Parallel agents find sources, patterns, documentation" in templates/research.md), meaning the agent will fetch and read untrusted public web content as part of its workflow.