copilot-coding-agent
Warn
Audited by Snyk on Mar 7, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The workflow automatically assigns the Copilot coding agent to GitHub issues, including ones created via external systems like Jira/Zapier, so the agent reads and acts on user-generated issue descriptions on GitHub (see SKILL.md sections "External system (Jira) → GitHub Issue → Copilot PR pipeline" and "The more detailed the issue description, the better the Copilot result quality"). Untrusted third-party content can therefore directly influence agent behavior.
Audit Metadata