buddy

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The skill explicitly ingests untrusted user-generated content: agents/linear-reader/SKILL.md uses the Linear MCP to fetch full issue descriptions and comments as the task input, and agents/researcher/SKILL.md instructs using the Web Search (Brave) MCP to retrieve and synthesize public web content—both of which the orchestrator reads and uses to drive planning, development, and tool actions.