devops-detector

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly ingests "public signals" such as repository_signals (e.g., .github/workflows/*.yml and Dockerfiles), job_signals (public job postings), and discovered_subdomains (DNS/http signals) — untrusted third‑party content that the agent reads and uses to drive detection decisions.