dev-announce

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required workflow (Step 1: "If the user provides a PR, commit, branch, issue, or file path: Read the relevant code changes, PR description, or commit messages") explicitly instructs the agent to ingest and interpret user- or public-sourced PRs/commits/issues, which are untrusted third-party content that can materially influence tweet drafting.