write-a-prd

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md workflow (step 2) explicitly requires using MCP tools to fetch and ingest user-provided external content from Linear, Figma, and Notion URLs/pages, so the agent will read untrusted third-party (user-generated) content and use it to drive decisions for the PRD.