contract-review-pro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required Layer 0 entity verification explicitly instructs falling back to "Web Search" for "[entity name] business registration" when no internal MCP lookup tool is available (see SKILL.md and references/checklist.md), meaning the agent will fetch and interpret open web/public registration pages as part of its verification workflow and record those sources in comments, which can materially affect risk assessments and subsequent actions.