daily-review

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The workflow explicitly pulls GitHub commits with "gh search commits --author=TaylorHuston --committer-date=YYYY-MM-DD", which ingests user-generated/public third‑party content that the agent is expected to read and summarize, creating risk of indirect prompt injection.