agentic-workflow-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill exposes the agent to untrusted third‑party content because the CLI Command Reference explicitly includes "gh aw add " (Add workflow from URL) and the document shows compiling and running workflows (gh aw compile, gh aw run), meaning arbitrary public URLs can be fetched, compiled, and executed, allowing external content to influence agent behavior.