bmad-os-root-cause-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The required Execution steps in prompts/instructions.md explicitly tell the agent to "resolve to the specific fix commit/PR using gh and git" and to "read the fix diff, PR/issue discussion," which means the skill will fetch and ingest untrusted, user-generated content from external GitHub/PR discussion pages and use that content to drive analysis and decisions.