wc-fixture-progression

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.75). The skill’s runtime workflow ingests “Per-team attacking and defensive strength … (web-searched, cited)” and “Observed results to date … (goals, goal difference, xG …)” from public web sources, which are outsider-authored free text that can be fed into the agent’s LLM context via the web-fetch/scrape → text extraction path before computing fixture_difficulty and p_advance.