thatopen-impl-bcf

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly ingests untrusted third-party BCF files via the import workflow (bcfTopics.load shown in SKILL.md and the file-input example) and accepts external document URLs in bcfTopics.documents, and the imported topics/viewpoints are parsed and used to create topics, viewpoints, and trigger onBCFImported events that can materially influence subsequent actions.