coding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Discovery Protocol explicitly instructs "for third-party code: read vendored source OR fetch docs" and the included .dev/reference-inventory.json lists public external URLs (e.g., anthropic.com, arxiv.org), indicating the agent will fetch and interpret open/public third‑party web content as part of its required workflow.