zulip-cogen

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly retrieves and ingests user-generated Zulip messages from the ct_zulip_messages table in a DuckDB CT Zulip archive (~/ies/hatchery.duckdb and referenced CT Zulip Archive) and uses that content as the context for generating proofs/diagrams/code, so untrusted third‑party chat content can materially influence generation and tool behavior.