technical-pm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Research-First Workflow" explicitly requires performing web searches and citing engineering blogs, papers, and other web sources ("Use web search ... Do 5-10 searches" and "Cite sources") which instructs the agent to fetch and interpret open/public third‑party content (e.g., blogs, papers, benchmarks) as part of its required workflow, allowing untrusted content to influence decisions.