Rewind

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's archaeology and investigation workflows explicitly instruct the agent to consult PR descriptions and issues on GitHub/GitLab (e.g., "Look for related PR/Issue", "PR descriptions" and "Issues/tickets" in INFORMATION_SOURCES and workflow steps), which are user-generated third‑party sources the agent is expected to read and that could materially influence analysis and follow-up actions.