agentflow

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). Yes — the skill's orchestrator and workers explicitly read and act on user-generated Kanban card content and comment threads from external project management tools (Asana, GitHub Projects, Linear) and GitHub PR context, which the agents ingest and use to decide actions and dispatch workers.