doc-iplan-fixer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (medium risk: 0.65). The skill consumes the latest IPLAN-NN.A_audit_report_vNNN.md (an upstream audit report authored by an external party/tooling in the Audit→Fix loop), and that report’s free-form text is read at runtime and fed into the agent’s LLM context to decide fixes—this is outsider-authored content via the audit report input path.