ah-implement-tasks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly fetches and ingests open web content — e.g., "context7" to load live library documentation (Step 2b), "grep" across 1M+ public GitHub repos for real-world patterns, and "npx opensrc" to pull npm package source — and those fetched docs/code are included in implementer subagent prompts and used to guide implementation decisions, so untrusted third-party content can directly influence agent behavior.