sprintflint-api

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill makes API calls to SprintFlint (e.g., GET /api/v1/projects/{project_id}/sprints/{sprint_id}/issues and GET /api/v1/.../comments) and therefore ingests issue descriptions and user comments from external, user-generated sources that could contain untrusted instructions.