kata-check-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly queries and fetches GitHub issues (via gh issue list and gh issue view) and ingests their user-generated issue bodies into the workflow (pulls them into local .planning files and displays/uses the description when offering actions and routing to execute tasks), so untrusted third‑party content can influence subsequent actions.