planning-github-issue-tasks

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads GitHub issue snapshots from docs/<ISSUE_SLUG>.md (a user-generated GitHub issue snapshot) and the subagents (task-planner, dependency-prioritizer, task-validator, stage-validator) are required to read and act on that snapshot to drive planning, so untrusted third-party content can materially influence decisions and tool behavior.