tech-decision

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly calls the dev-scan skill to collect community opinions from public, user-generated sources (Reddit, Hacker News, Dev.to, Lobsters) and then uses those sources in analysis, so the agent will ingest and interpret untrusted third-party content that could carry indirect prompt injection.