research-driven-planning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.95). The skill's Research SOP (SOP Phase 2) explicitly instructs "Web Research Specialist" and "GitHub Analysis" agents to fetch public web pages, papers, and GitHub data (providing source URLs and storing results in .claude/.artifacts/research-synthesis.json), and that synthesized untrusted third‑party evidence is used to drive recommendations and planning decisions that affect subsequent actions.