design-jira-state-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs the agent to fetch and ingest user-generated changelog/timeline data from third-party systems (Jira changelog via --expand changelog and GitHub PR timeline) and to parse those records as part of its analysis workflow, so untrusted external content can materially influence decisions and outputs.