vision

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Core Contract explicitly requires (P3) that the agent "eagerly Read brand assets, competitor references, and existing tokens at SURVEY" (see Core Contract / _common/OPUS_47_AUTHORING.md), which directs the agent to ingest third‑party competitor references (public/untrusted sources) as part of its required workflow and those readings can materially influence design decisions and delegation — creating a clear avenue for indirect prompt injection.