roadmap-with-file

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly calls web.run in Phase 3 ("Iterative Refinement") to fetch external web search results for "architecture patterns and best practices" and then extracts findings that are recorded into the roadmap and can change decomposition/decisions, exposing the agent to untrusted public web content (SKILL.md Phase 3: "Execute web.run for architecture patterns and best practices").