escalation-manager

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly requires collecting and analyzing untrusted public/user-generated content—e.g., "데이터 수집: 기간 내 티켓, 채팅 로그, SNS 멘션 수집" and the references file lists "SNS 언급, 앱 리뷰, 지원 티켓" as data sources—which the agent is expected to read and use to drive escalation, sentiment classification, and response decisions.