workflows-compound

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The Phase 1 "Related Docs Finder" task in SKILL.md explicitly "Finds related GitHub issues" and returns links/relationships, which means the agent ingests user-generated third-party content (GitHub issues) and uses it to influence documentation assembly and next actions.