qa-auditor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The testing_protocol explicitly requires "Security Scans: Audit community and social messaging" and "Link & Doc Validation: Verify every link..." which instructs the agent to fetch and read untrusted public/user-generated content (social posts, community messaging, and external links) as part of its required workflow, creating clear potential for indirect prompt injection.