skill-construction

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The required runtime inputs (extracted_components and synthesis_output) are produced by upstream agents from outsider-authored text (e.g., methodology docs/issues/PRs/web pages) and are then embedded into the constructed SKILL.md/resource files as readable prose, which the calling agent subsequently feeds into the LLM context—so this workflow can propagate outsider free text via those fields.