team-update

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests and interprets user-generated chat/channel messages and issue tracker items as part of its workflow (see Phase 1b "Chat messages: Messages in the configured channel since last update" and Phase 3 "Read Responses"/"Classify Feedback"), which are untrusted third‑party sources that can influence triage, issue creation, replies, and next actions.