harness-plan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's create flow (references/create.md Step 3: "技術調査（WebSearch）") explicitly instructs the agent to run WebSearch queries against the open web and use those findings to generate Plans.md, meaning it fetches and interprets untrusted public third‑party content that can materially influence planning and subsequent actions.