monitor-ci

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 1.00). The SKILL.md explicitly instructs the agent to spawn a subagent that polls Nx Cloud CI attempts and to read/interpret returned third-party content such as taskOutputSummary, suggestedFix/suggestedFixReasoning and selfHealingSkipMessage (CIPE URLs) from the Nx Cloud/CI provider and then apply/reject fixes or run local actions based on that content, exposing the agent to untrusted external content that can influence behavior.