qwen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill invokes the external "qwen" CLI and explicitly captures and presents its output as part of the workflow (see references/shared-procedure.md Step 6: "Run... Capture full output" and Step 7: "Present Results" and references/cli-qwen.md), which means untrusted third-party model responses are ingested and can materially influence subsequent decisions/actions.