implement-issue

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The orchestrator is explicitly invoked with a GitHub issue number and the workflow's setup/research/evaluate/plan and implement stages indicate the agents will fetch and read that GitHub issue (user-generated public content) and use it to drive planning and actions, which exposes the agent to untrusted third‑party content.