implementation-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill ingests untrusted, user-generated GitHub issue content via implementation_manager.fetch_tasks_from_github (called by the CLI commands status/ready-tasks when --github and --parent-issue are used), which fetches issue bodies through backlog_core.github.get_task_issues and parses them into tasks that directly influence ready-task selection and agent dispatch.