takt-analyzer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's required/reference instructions (e.g., references/takt/builtins/ja/facets/instructions/gather-review.md and research-dig.md) explicitly instruct fetching and loading external, user-generated content—running gh pr view / gh pr diff to retrieve GitHub PRs and downloading public data sources—so the agent will read and act on untrusted third‑party content as part of its workflow.