contract-testing

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill instructs CI to publish and pull consumer-generated pacts from a Pact Broker (see "Publishing Pacts (Consumer CI)" and "Provider Verification" / "Pact Broker" sections), meaning the agent's workflow ingests untrusted, user-generated pact JSON from the broker and uses those contents to drive provider verification and can-i-deploy decisions.