coderabbit-incident-runbook

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The runbook explicitly fetches and interprets external, untrusted content—e.g., checking https://status.coderabbit.ai in Step 1 and calling the GitHub API to read PRs, reviews, and the repository .coderabbit.yaml in Step 2/3—which are user-generated/public sources and are used to decide actions like bypassing branch protection or triggering re-reviews.