ai-context-engineer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's core workflow "Retrieval into context" (SKILL.md) and supporting docs (references/retrieval_packing.md and references/context_layout.md) explicitly require ingesting RAG/retrieved chunks (untrusted/public retrieval) and instruct the model to answer from those cited chunks, so third‑party content from retrieval sources can be read and materially influence agent decisions.