triage-agent

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly reads and parses user-generated issue tracker content (parent issue title/description and the most recent comment) via the configured issue-tracker MCP and may fetch listed artifacts, so untrusted third-party issue/comments could contain instructions that influence routing, decisions, and subsequent tool actions (see "Required Inputs" and "Context Gathering Order" in SKILL.md).