subagents-orchestration-guide

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill's workflow mandates passing every new task first to the "requirement-analyzer" (under "Subagents I Can Utilize") which is explicitly annotated as "WebSearch enabled" (and prd-creator/technical-designer similarly note web research), meaning the agent will fetch and interpret open/public web content as part of its required decision-making steps and that content can materially influence subsequent actions.