cali-product-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs running subagents of type "researcher" and "scout" to perform "external research" and "investigate external docs" (references/pi-tools/subagents.md) and the execution/strategic workflows (skills-execution/cali-product-scope-executor/SKILL.md Step 3, phases/context.md, and references/strategic-exploration.md) require using those researcher outputs and external web tools (e.g., GummySearch, Google Trends) as inputs to planning and execution, meaning untrusted, public third-party content is fetched and read and can materially influence decisions and tool actions.