pagerduty-oncall

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly fetches incidents, logs, and user-authored notes from PagerDuty via the pd CLI (e.g., pd incident notes ... | node .../parse-notes.js > .pagerduty-oncall-tmp/notes/<INCIDENT_ID>.json) and then the agent is required to Read those saved JSON files and use their content to produce analysis and recommendations, so untrusted third-party (user-generated) content can influence decisions.