check-status

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill actively fetches and parses user-generated content from public third-party services—e.g., GitHub PRs, titles/bodies and workflow runs via scripts/gatherers/github-gatherer.ts (using gh pr list/gh run list) and Linear issues via scripts/gatherers/linear-gatherer.ts (queried through the Linear MCP / Claude CLI)—and the agent is expected to read and interpret those results as part of its workflow, so untrusted content could carry indirect prompt-injection threats.