counter-proposal-generator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's Trigger and Step 1 explicitly accept a URL to a contract document and state "If a URL is provided, fetch it using WebFetch," meaning the agent will ingest arbitrary third-party web content (public URLs) and must read/interpret it to generate negotiation actions.