implement-with-design

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory precondition step 4 ("Research third-party patterns") explicitly instructs the agent to fall back to Exa (get_code_context_exa, web_search_exa) and Context7 to fetch fresh code examples and recent docs/tutorials from the web and to run package-manager view commands, meaning the agent will fetch and interpret open/public third‑party content (docs, tutorials, registry data) that can materially influence versioning and implementation choices.