claude-mem

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The make-plan.md Phase 0 "Documentation Discovery" and the subagent reporting contract explicitly require searching for and reading documentation/examples and returning "sources consulted (files/URLs)," which means the orchestrator flow will fetch and act on external (potentially public/untrusted) web or file content that can change planning and tool use.