epic-management

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill actively reads and processes user-generated GitHub content (e.g., via gh issue view, gh project item-list and gh project field-list and stores observations with mcp__memory__create_entities), which can be public/untrusted and therefore could carry indirect prompt-injection.