pm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's explore workflows spawn research agents (e.g., agents/competitive-researcher.md, agents/ideation-researcher.md, agents/user-problems-researcher.md as invoked in workflows/explore.md) that explicitly run mandatory WebSearch/WebFetch on public sites (including Reddit/HackerNews/G2 and competitor homepages) and consume those fetched, user-generated sources to drive roadmap/PRD decisions, so untrusted third‑party content can materially influence agent actions.