architecture-research

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md "Phase 2: Technology Research — Research Protocol" explicitly instructs the agent to use research-lookup and to search for official docs, production case studies, benchmarks, and community sources (e.g., GitHub, issue trackers), i.e., untrusted public third‑party content that the agent is expected to read and use to drive ADRs and architecture decisions.