git-workflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The AGENTS.md workflow explicitly instructs the agent to fetch and analyze repository data (e.g., "Examine recent commit history (last 50-100 commits)" and "Analyze open and recent PRs", plus examples using git log and the GitHub CLI/gh api), which means the agent will ingest user-generated commit messages and PR descriptions from third-party repositories that could influence decisions and tool actions.