superplan

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's "Gather Context" step explicitly fetches ticket details from issue trackers (Linear, GitHub Issues, Jira) and ingests user-generated issue descriptions/attachments as part of plan creation, so untrusted third-party content could influence the agent's decisions.