dumbwaiter-mcp

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly ingests and streams user-generated GitHub PR discussion content (see "Streaming GitHub comment events" in SKILL.md), with wait.await emitting per-comment notify_progress that includes comment body, URL, reactions and code context, so untrusted third-party text can directly influence orchestration and subsequent actions.