epic-tracker

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's sync workflow (references/sync.md) and its tracker adapters (references/adapters/github.md, jira.md, linear.md) explicitly fetch and ingest issue/issue-body content from external trackers (GitHub/Jira/Linear), which is untrusted user-generated third-party content and is read and acted on to decide status, body updates, conflict resolution, and subsequent push/pull actions.