analyze-ci-failures

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly fetches PR details and GitHub Action job logs from PRs using GitHub MCP tools (see "Gather information" and calls like github-mcp-server-get_job_logs and azure-sdk-mcp-azsdk_analyze_pipeline), which are untrusted, user-authored third-party content that the agent reads and uses to determine fixes and post comments.