planning

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The Research & Analysis phase explicitly instructs agents to perform "GitHub Analysis" (reading GitHub actions, PRs, issues, discussions) and "Remote Repository Analysis" using repomix --remote , which causes the agent to fetch and ingest public, user-generated content from arbitrary GitHub repositories and related web resources.