project-scaffolding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Harness GitOps pattern (Pattern 4) explicitly runs "git clone <+input.manifest_repo>" and then edits/deploys k8s manifests, meaning the skill's workflow fetches arbitrary external repositories (untrusted, user-provided content) and acts on their contents, which could materially influence actions.