golang-observability

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's workflow explicitly directs the user/agent to browse and copy rules from public, user-maintained sites (e.g., "Check awesome-prometheus-alerts" in references/alerting.md and importing dashboards from grafana.com in references/dashboards.md), which means the agent is expected to ingest and act on untrusted third‑party content that can materially change configuration/behavior.