groove-utilities-task-analyse

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md backend mappings explicitly fetch issues/tasks from third-party, user-generated sources (e.g., "gh issue list --state all --assignee @me", "beans list --json --status ...", and Linear CLI/MCP) and instruct the agent to read and summarise those task bodies (including "Summary of Changes"), so untrusted external content can influence its outputs and downstream decisions.