subagent-orchestrator

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's MCP orchestration docs (references/mcp-orchestration.md) explicitly state the agent will discover and read "Resources" and server-provided "Prompt Templates" from MCP servers and may connect to external servers (e.g., GitHub), which are untrusted third-party content sources the agent is expected to ingest and act on.