ce-compound

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's Related Docs Finder explicitly searches GitHub issues using the gh issue list --search "<keywords>" fallback (and other external MCP tools) and the resulting issue findings are read and folded into the orchestrator's Phase 2 assembly/decision logic (overlap assessment, what-to-write, and whether to invoke refresh), so untrusted, user-generated third-party content can materially influence agent actions.