multi-model-planning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly sends plan prompts to external third-party models via CLIs (see "Send to models in parallel" in SKILL.md which calls Cursor Agent, Claude Code, OpenAI Codex), captures their outputs, and then synthesizes and acts on those model responses—so untrusted external content is read and used to drive decisions.