bmad-os-root-cause-analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required execution steps instruct the agent to "read the fix diff, PR/issue discussion" (via gh/git) which ingests user-generated content from public GitHub/issue pages as part of its analysis, allowing that third-party text to influence decisions and attribution.