blitz

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly requires extracting and embedding GitHub issue content into agent prompts (e.g., "gh issue view" and the "ALL REQUIREMENTS FROM ISSUE" prompt template in SKILL.md), which ingests untrusted, user-generated third-party content that directly drives agent decisions and actions.