specsmith

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's forge workflow explicitly requires spawning the specsmith:researcher subagent (agents/researcher.md and commands/forge.md / SKILL.md) which uses WebSearch and WebFetch to read public web pages, GitHub/community resources, and library docs and then the main agent reads/merges those research-*.md files to make library/architecture decisions, so untrusted third‑party content is ingested and can materially influence subsequent actions.