harness-expert

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The "GitOps with ArgoCD" pipeline clearly performs a runtime git clone of an arbitrary manifest repo (git clone <+input.manifest_repo> in the "Update Manifest Repository" stage) and calls arbitrary URLs (e.g., <+input.argocd_api_url>, <+input.prod_url>), meaning untrusted public repository/web content can be fetched and directly influence pipeline actions.