querying-council-with-agents

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill spawns subagents that run provider scripts (e.g., ${CLAUDE_PLUGIN_ROOT}/scripts/providers/{name}.sh) per agent-prompt-template.md (running COUNCIL_TIMEOUT=240 bash {SCRIPT_PATH} "{QUESTION}") and explicitly requires reading and returning the providers' full, unedited responses (SKILL.md Step 2/Step 4), which are untrusted third-party outputs that can influence follow-up queries and decisions.