managing-intelligence-lifecycle

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow (SKILL.md Steps 2–3 and the references/api-reference.md) explicitly requires ingesting external collection sources such as MISP, TAXII/MITRE ATT&CK, Recorded Future and "darkweb monitoring"—community or public feeds the agent is expected to read/interpret as part of processing and analysis—so untrusted third‑party content can materially influence decisions and actions.