multi-contributor-synthesis-coding

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). This skill explicitly instructs the agent to fetch and review contributor branches and GitHub PR diffs (e.g., "Step 1: Assess" — "Fetch the branch and review the diff", "Never trust the GitHub diff", and the "Cherry-Pick from Old Branch Bases" workflow), meaning it consumes user-generated PR/branch content from third-party forks that the agent must interpret and that can directly influence integration and actions.