kata-debug

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's debugger instructions (references/debugger-instructions.md), which are read into the agent prompt and used at runtime, explicitly instruct the agent to perform web searches and check external sources like GitHub issues and official docs — i.e., ingesting and acting on untrusted public web content that can influence debugging actions.