issue-driven-development

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). This skill explicitly reads and interprets user-generated, public content—e.g., GitHub issue comments (Step 2) and external online resources like Stack Overflow/API docs (Step 5)—as part of its workflow, which exposes the agent to untrusted third-party content and potential indirect prompt injection.