qa-docs-coverage

Warn

Audited by Snyk on Mar 13, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.70). The Phase 0 "Context Extraction" workflow explicitly instructs the agent to extract repository content via external tools (e.g., gitingest / repo2txt, including a note to "Replace 'github.com' with 'gitingest.com'"). This implies fetching and ingesting public/user-generated code from third-party sites, which the agent will then read and use to drive audit decisions.

Audit Metadata

Risk Level: MEDIUM
Analyzed: Mar 13, 2026, 04:23 AM
Issues: 1