project-agentification

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs agents to consult external documentation listed in llms.txt / llms-full.txt (see references/playbooks/docs-index.md — H1 and harden H1) so the agent will fetch and ingest public third-party docs/OpenAPI specs to influence its tool use and decisions, exposing it to untrusted content that could enable indirect prompt injection.