github-evidence-kit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly collects and processes public, user-generated content from untrusted third-party sources — e.g., the GitHub API (issues, PRs, comments, commits), GH Archive (public event data), and the Wayback Machine (archived page content) — which the agent ingests and interprets as part of its workflow, enabling indirect prompt injection.