ultra-troubleshoot

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md Step 4 and the Tools section explicitly require searching and reading public GitHub repositories and web sources (e.g., "gh search repos/code/issues/prs" and "Web search") and using those findings to alter the analysis and recommendations, which exposes the agent to untrusted, user-generated third‑party content that can change its actions.