ac-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill can perform web searches and ingest public competitor information during initialization (see references/init.md: "若用户同意，使用 WebSearch 搜索相关竞品信息并整理关键差异点供用户参考后再继续"), which means it will fetch and interpret untrusted third‑party web content that can influence planning decisions.