ln-910-community-engagement

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill dynamically fetches and parses GitHub repository data and user-generated content (e.g., via gh api graphql queries in references/github_discovery.md to read discussions and viewer/repository fields, plus mandatory loads of project-local docs like docs/community_engagement_strategy.md and CHANGELOG.md), and those untrusted third-party texts are explicitly read and used to choose actions and delegate workers, so they can materially influence agent behavior.