clockwork-compliance-check

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The workflow (references/workflows/compliance-check-workflow.md, Step 1 "Load roster from CSV URL") explicitly instructs the agent to download and parse an arbitrary csv_url via curl and use that roster data to drive compliance scoring and follow-up actions, exposing the agent to untrusted third‑party content.