takt-optimizer

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill's built-in instruction templates explicitly instruct the agent to fetch and ingest public, user-generated content — e.g., references/takt/builtins/ja/facets/instructions/gather-review.md tells the agent to run gh pr view / gh pr diff on PR URLs and references/takt/builtins/ja/facets/instructions/research-dig.md permits downloading public CSV/JSON data — which means the agent can read and act on arbitrary third-party web content as part of its workflow.