project-flow-ops

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). This skill explicitly instructs the agent to "Read the public surface first" and gather GitHub issue/PR state, author text, review comments, and linked issues from public GitHub, which are untrusted user-generated sources that the agent must interpret to decide classifications and Linear actions.