daily-next

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches and ingests user-generated content from third-party systems—Jira issue comments and attachments (at hgdata.atlassian.net), Confluence pages, Slack threads, and GitHub PRs—as required by the "Gather Deep Context" workflow and uses that content to synthesize the "Suggested Next Action" and drive updates, so untrusted third-party content can materially influence agent decisions.