simmer-judge-board

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required investigator and primitive steps explicitly tell judges to "SEARCH for solutions" and "Research if stuck" and to "cite what you found" (see "STEP 1: INVESTIGATE" and the "When you see a failure pattern... SEARCH for solutions" / "Research if stuck" lines in SKILL.md), which expects fetching and interpreting open third-party content (e.g., web resources) that can influence scoring and the ASI; therefore it exposes the agent to untrusted external content.