batch-linear-tickets

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly requires reading Linear tickets via the Linear MCP (mcp__claude_ai_Linear__*), sends full ticket descriptions/comments to the linear-ticket-investigator agents and includes those Decision Pack contents in planner prompts (Phases 1 and 4), so untrusted, user-generated Linear ticket text is ingested and directly influences planning and execution.