bmad-product-brief

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly directs the agent to perform "generic web research" and to "spawn web-research subagents" during the Discovery phase (see the "Discovery" section) and to consult external sources alongside web research in On Activation step 4, which means it will fetch and ingest open/public third‑party content that can materially influence drafting and decisions.