bitbucket

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md explicitly shows commands that fetch and display Bitbucket Cloud content (e.g., "af bb pr get", "af bb pr comment list", "af bb pipeline logs") which are user-generated/untrusted third‑party data from public Bitbucket workspaces and could be read and acted on by the agent to influence subsequent actions.