bmad-agent-tech-writer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's write-document.md explicitly instructs the agent to "use a subprocess if available for any web search, research, or document review required to extract and return only relevant info" and the Process (Research) step instructs using subagents to review documents or user-provided references, which indicates the agent may fetch and ingest open/public third‑party content that can affect its outputs.