implement-with-instructions

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's mandatory preconditions (step 2 "Research third-party patterns") require falling back to Exa's web_search_exa and Context7 query-docs and running package-manager view commands, which fetch open/public docs and registry data (user-authored/untrusted) that the agent will read and use to choose libraries/versions and implementation decisions, creating a clear vector for indirect prompt injection.