spec-writer

Warn

Audited by Snyk on Mar 15, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly instructs in "1. Aligning needs and understanding the current situation" that the agent should collect "knowledge obtainable through the internet, such as domain knowledge, similar system patterns, and similar solution cases" via sub-agents, which means it ingests public web content (untrusted third-party sources) and uses that information to influence spec decisions.

Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 15, 2026, 06:25 PM
Issues: 1