sdd-slim-plan-learning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires ingesting and researching external projects (e.g., "Git 仓库 / 在线项目链接" in specify.md and the subagent prompt prompts/module-subagent-task-prompt.md) so the agent/subagent will fetch and interpret arbitrary public repositories/user-provided project pages which could contain untrusted, user-generated instructions that materially influence planning and tool actions.