commit

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly queries external issue trackers and repository remotes (e.g., "git remote get-url origin" and "gh issue list --limit 5 --state open" in Step 3) and parses user-generated issues/ticket data to decide ticket association and branch names, so it ingests untrusted third-party content that can influence actions.