workflow-router

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Specialist Mapping (Step 4) explicitly maps "Research" to an "oracle / Librarian" that does "Comprehensive research using MCP tools (nia, perplexity, repoprompt, firecrawl)," which indicates the agent will fetch and ingest open/public web content and use those findings to drive planning and agent-spawning decisions.