ce-debug

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The Phase 0 Triage explicitly requires fetching and reading issue tracker content (e.g., "GitHub... fetch with gh issue view" and "Other trackers... Attempt to fetch... or by fetching the URL content"), which are untrusted, user-generated third‑party pages that the agent must interpret and which can materially influence its debugging decisions.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

• Potentially malicious external URL detected (high risk: 0.80). The skill explicitly fetches issue tracker content at runtime (e.g., GitHub issue URLs via "gh issue view" and other tracker URLs such as https://github.com/... ), and that fetched content is injected into the agent's context to drive its debugging prompts, so remote content can directly control agent instructions.