prd-maker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to "run live research if needed" (Tracked package path Phase 3) and to record external links/queries in sources.md and references (support_file_read_order item 9 referencing instructions/sourcing/reliable-search.md), meaning the agent will fetch and interpret open/public web content as evidence that can change requirements and next actions.