triage

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The triage workflow (SKILL.md, "Gather context") explicitly requires reading full issue bodies and comments from the project's issue tracker — user-generated, potentially public GitHub issues — which the agent interprets to make triage decisions and drive actions, exposing it to untrusted third-party content.