sentry

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The SKILL.md explicitly directs the agent to fetch and read user-generated issue and event data from Sentry API endpoints (e.g., https://sentry.io/api/0/organizations/my-org/issues/ and .../events/latest/), which are third‑party/untrusted content (stack traces, messages) that the agent is expected to interpret and that could influence follow-up actions like resolving or ignoring issues.