pulumi-neo

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly polls Pulumi's public Neo API (see scripts/neo_task.py and SKILL.md: GET /api/preview/agents/{org}/tasks/{taskID}/events) and parses agentResponse/assistant_message event content and tool_calls (e.g., approval_request) which are used to decide prompts and to send approvals, so third‑party responses are ingested and can materially influence subsequent actions.