meticulous-cli-debug

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's debug commands explicitly download "the head and base replays, session data, diff results, and PR diff" (SKILL.md "debug replay-diff" / "debug replay" sections), placing those user-generated artifacts into an AI-assisted workspace that the agent is expected to read and use for debugging, which exposes it to untrusted third-party content that could supply indirect instructions.