gsd-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly invokes external AI CLIs (Gemini / the agent / Codex) and parses their outputs as part of the workflow (see SKILL.md mappings: Task→spawn_agent and the Result parsing / Objective/Process that collects responses and writes REVIEWS.md), so it ingests untrusted third‑party agent-generated content that can materially influence subsequent actions.