vault-insights

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly queries GitHub PRs (via the required step "gh pr view --json state,mergedAt,closedAt" for notes tagged #pr) which fetches untrusted, user-generated third-party content whose state can alter the audit's findings and actions.