spec-driven-archive

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required workflow ingests outsider-authored free text via the runtime contents of files under .spec-driven/changes/<name>/specs/ (e.g., delta spec markdown written by someone other than the operating user), which the AI then reads and merges into .spec-driven/specs/ before archiving.