pipeline-monitor

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill fetches and parses CI data and raw build logs from external services (e.g., fetch_build_history using gh/glab/curl to call GitHub/GitLab/CircleCI APIs and detect_flaky_tests downloading logs via "gh run view --log"), which are untrusted, user-generated third-party contents that the agent reads and uses to drive analysis and recommendations.