buildkite

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches and interprets Buildkite job logs and pipeline data from the third‑party Buildkite service (e.g., "bk job log JOB_ID" and "bk api /v2/organizations/ORG/pipelines" in SKILL.md and references/build-debugging.md), which are user-generated/untrusted content the agent is expected to read and that can materially influence decisions (debugging steps, rebuilds, API calls).