ce-plan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly runs external research agents (e.g., Phase 1.2–1.3: "ce-framework-docs-researcher" and "ce-best-practices-researcher" to fetch version-specific documentation and external best-practice sources) and uses those third-party findings to influence plan decisions, so it ingests untrusted public web content that can materially change agent behavior.