lgtm

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill instructs the agent/subagents to run the lgtm CLI against external observability endpoints (Loki/Prometheus/Tempo) — e.g., via lgtm loki query, lgtm tempo search, and Grafana Cloud discovery described in SKILL.md and config.example.yaml — which fetches arbitrary logs/traces/metrics (untrusted, user-generated content) that the agent is expected to read and use to decide follow-up queries and actions, creating a clear vector for indirect prompt injection.