spec-workflow-init

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly instructs fetching and reading user-generated GitHub issue content via "gh issue view {issue_number}" (see references/workflow-template.md "Get Issue Information") and .specs/* specification files, which are open/untrusted third-party content the agents must interpret and that can materially influence actions.