scrum

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly instructs agents to read and query external issue trackers (e.g., "GitHub Issues, GitLab Issues, Jira, Redmine") and to use/interpret backlog and issue content as part of Status, Setup, and Product Owner workflows (see "Status" and "Product Owner → Environment" sections), which are untrusted/user-generated sources that can influence actions and decisions.