content-type-recipes

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The recipes repeatedly show running review commands that fetch and analyze PR diffs (e.g., "/ork:review-pr 123", "Fetching PR #123", "Fetching diff (847 lines)" and "You can also paste a full GitHub URL" in the Tutorial and Agent Demo references), which clearly indicates the agent ingests untrusted public third‑party content (GitHub PRs) as part of its workflow.