cascade-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly routes stages to "gemini-search" for "needs_current_info" (see select_optimal_model) and uses a stage "gemini-search: 'Research latest framework best practices'" (Real-World Example 1), which indicates the orchestrator will fetch/ingest public web content that can influence model routing and cascade decisions.