setup-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Map Phase and coordination docs (e.g., shared/coordination/map-phase.md and file-based-handoff.md) explicitly instruct Agents to use WebFetch and browser navigation (arbitrary URLs / webpage text) to read external webpages as evidence, meaning the agent will ingest untrusted third‑party content that can materially influence tool use and decisions.