git-platform

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's command-mapping and "Discussion Operations" explicitly use gh api/graphql and Bitbucket REST API calls (e.g., "Get Discussion", "List Recent Discussions by Category" and the SessionStart hook fetch-recent-discussions.sh) to fetch repository discussion bodies and comments—untrusted, user-generated content that the agent reads and can act on.