printing-press-retro

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly fetches public GitHub issue data via gh issue list in references/issue-template.md Step 2.5 (EXISTING_OPEN_RETROS) and then reads and reasons over those user-generated issue titles/bodies to decide deduping and whether to create or comment on issues, which is untrusted third-party content that can influence tool decisions.