rebuttal

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly loads and normalizes external "raw reviews" (pasted text, markdown, or PDF) into rebuttal/REVIEWS_RAW.md and then reads and acts on those reviewer texts throughout the workflow (Phase 0/1 and Phase 2–7), meaning untrusted reviewer/user-generated content from public review systems could materially influence tool decisions and actions.