spec-driven-planning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly instructs the agent to use WebSearch/WebFetch and bash/curl to fetch competitor product documentation, external API docs, and web research (open/public URLs), so the agent will ingest untrusted third-party web content as part of its workflow.