audit-fix-loop

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly invokes a "Source Verification" scorer (Skill(skill="workflows:source-verify")) which verifies citations and quotes against source PDFs and NLM search results—i.e., fetching and interpreting public third‑party documents—which the auditor must read and which can change audit scores and subsequent fix actions.