c4-architect

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill explicitly describes reading code from the GitHub API as part of its workflow (see the L1 diagram "System_Ext(github, 'GitHub API', 'Provides codebase context')" and the "State Mapping: Use codebase_investigator to extract the current system structure"), meaning the agent will ingest untrusted, user-generated third-party content.