csharp-azure-spector-coverage-gaps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly instructs the agent to read and interpret public spec files from third-party sources (e.g., {PKG}/node_modules/@typespec/http-specs/specs/ and {PKG}/node_modules/@azure-tools/azure-http-specs/specs/, and upstream GitHub URLs like https://github.com/microsoft/typespec/... and https://github.com/Azure/typespec-azure/..., as well as public coverage dashboards) as required workflow steps, which are untrusted public content that can materially influence generation and test actions.