wargame

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly performs WebSearch/WebFetch during "Intelligent Intake (Phase 1)" and via the in-session "research" command (SKILL.md and references/session-commands.md), meaning it fetches and ingests open-web third‑party content and uses those results to inform classification, analysis, and decisions — creating a clear avenue for indirect prompt injection.