agent-workflow-automation

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill ingests and interprets user-generated repository and PR content from GitHub (e.g., gh pr view / gh run view and numerous npx ruv-swarm commands like analyze-repo, analyze-codebase, detect-stack) as part of its workflow, exposing the agent to untrusted third-party content that could enable indirect prompt injection.