issue-triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly reads and analyzes GitHub issues (issue descriptions, labels, and comments), which are public, user-generated content the agent ingests as part of triage, exposing it to untrusted third-party input that could contain indirect prompt injection.