platform-integration
Warn
Audited by Snyk on Mar 1, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill includes explicit workflows and scripts that read and act on user-generated content from public platform APIs. Examples are the .github/workflows/traceability-check.yml workflow and accompanying Python/Actions scripts, which fetch and parse GitHub issue and PR bodies via the GitHub API, and the azdo-audit-trail.md and azdo-measurement.md examples, which call Azure DevOps audit and Analytics OData endpoints. The skill therefore clearly ingests untrusted third-party content (issues, PRs, comments, audit logs) and uses that content to make decisions or drive actions.
Audit Metadata