fleet

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests untrusted, user-generated content — e.g., syncing GitHub issues/PRs via "fleet project track-issue" and "gh pr list" (Performance & Architecture) and capturing full tmux scrollback/transcripts from remote VMs for admiral reasoning (Admiral Configuration / scout/advance workflows) — and that content is used to drive decisions and send inputs, so third-party content can materially influence actions.