gadd-close

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.70). The skill explicitly reads "external drift metadata when configured" and describes checking and acting on external trackers (GitHub/Linear/Jira) in the SKILL.md "Reads" and "External Tracker Rule" sections, which means it ingests untrusted, user-generated content from third-party trackers and uses that content to gate or change closure actions.