harness-drift-from-history

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The skill runs oia-audit and audit-list to fetch audit history records from the metaharness-audit namespace at runtime, and those outsider-authored record contents are ingested as readable JSON/prose into the LLM context via the subprocess composition that produces the drift report.