check-plan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch and read the original issue via "gh issue view " (GitHub issues), meaning it ingests user-generated, potentially public third‑party content and is expected to interpret it as part of the audit.