vibe-kanban

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill accepts externally-provided card data via its MCP API (see references/mcp-api.md vk_create_card and vk_move_card) and can be run in remote mode (VIBE_KANBAN_REMOTE / docker-compose) so untrusted, user-generated card titles/descriptions are ingested and directly drive workspace creation and agent execution, allowing third-party instructions to influence agent actions.