orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill includes components that ingest and interpret third‑party user-generated content—notably musubi-resolve / IssueResolver for GitHub issue analysis (user-generated issues) and musubi-browser for running browser automation against arbitrary web pages—so the agent is expected to fetch and read untrusted public web/social content as part of its workflow.