triaging-issues

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill reads and processes user-generated GitHub issue content via mcp__github__issue_read (including issue bodies, comments, and external links such as Google Drive, Dropbox, and Hugging Face links referenced in Step 1.5), exposing the agent to untrusted third-party content that could carry indirect prompt injection.