Context
PlanVerifier::build_verify_prompt() includes task output verbatim. When verify_provider is a separate third-party endpoint, this creates an information disclosure risk for sensitive task outputs.
Fix
Pass the task output through the ContentSanitizer / redaction pipeline before including it in the verification prompt.
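One way the redaction step could look, as an added example that is not the project's code: `redact_token`, `sanitize`, the key list and the prefix list are hypothetical stand-ins for ContentSanitizer, and the sample output is constructed.

```rust
// Added example: hypothetical stand-in for a redaction step, not the project's ContentSanitizer.
const SENSITIVE_KEYS: [&str; 4] = ["password", "secret", "token", "api_key"];
// Constructed prefix list for illustration; a deployment would maintain its own.
const SECRET_PREFIXES: [&str; 3] = ["sk-", "ghp_", "AKIA"];
const MARK: &str = "[REDACTED]";

/// Redact one space-delimited token; return it unchanged when nothing matches.
fn redact_token(tok: &str) -> String {
    // key=value or key:value where the key names a credential
    if let Some(idx) = tok.find(|c: char| c == '=' || c == ':') {
        let (key, rest) = tok.split_at(idx);
        let key_lc = key.trim_matches(|c: char| !c.is_alphanumeric() && c != '_').to_lowercase();
        if !rest[1..].is_empty() && SENSITIVE_KEYS.iter().any(|k| key_lc.ends_with(*k)) {
            return format!("{}{}{}", key, &rest[..1], MARK);
        }
    }
    // bare token that starts with a well-known credential prefix
    let bare = tok.trim_matches(|c: char| c == '"' || c == '\'' || c == ',');
    if bare.len() >= 12 && SECRET_PREFIXES.iter().any(|p| bare.starts_with(*p)) {
        return tok.replace(bare, MARK);
    }
    tok.to_string()
}

/// Redact every token while preserving line breaks and spacing.
fn sanitize(output: &str) -> String {
    output
        .split('\n')
        .map(|line| line.split(' ').map(redact_token).collect::<Vec<_>>().join(" "))
        .collect::<Vec<_>>()
        .join("\n")
}

/// Build the verification prompt from sanitized output only.
fn build_verify_prompt(task: &str, output: &str) -> String {
    format!("Task: {}\n--- task output (redacted) ---\n{}\n--- end ---", task, sanitize(output))
}

fn main() {
    // Constructed sample output; the credentials are fake.
    let out = "connected ok\nDB_PASSWORD=hunter2 retries=3\nused key sk-test0123456789abcdef";
    println!("{}", build_verify_prompt("migrate db", out));
}
```

Pattern-based redaction only catches what its lists describe, so it reduces what reaches the verify_provider rather than guaranteeing nothing sensitive does.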
Severity
Medium — blast radius limited by verify_provider typically being an internal/trusted endpoint.