monitor-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly spawns a background "ci-monitor-subagent" that polls Nx Cloud and CI provider attempts and directs the main agent to parse and act on returned untrusted artifacts such as taskOutputSummary, suggestedFix, and other subagent output (see "Step 2a: Active Output Monitoring" and "Unverified Fix Flow" / "Analyze fix content" in SKILL.md), which are third-party/user-generated CI outputs that can materially influence actions like applying fixes, committing, and calling MCP APIs.