bmad-checkpoint-preview

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The workflow explicitly resolves PR references via gh pr view (step-01-orientation.md) and reads spec/PR Intent sections verbatim to drive the review, so it ingests user-generated GitHub/PR content (an untrusted third-party source) that can materially influence decisions and actions.